bongdaplus.vn Open in urlscan Pro
42.117.1.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Submission: On August 29 via manual (August 29th 2022, 12:46:12 am UTC) from VN — Scanned from DE

Summary HTTP 644 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 108 IPs in 15 countries across 73 domains to perform 644 HTTP transactions. The main IP is 42.117.1.227, located in Ho Chi Minh City, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is bongdaplus.vn. The Cisco Umbrella rank of the primary domain is 253347.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2021. Valid for: a year.

This is the only time bongdaplus.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
87	42.117.1.227 42.117.1.227	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	103.151.240.2 103.151.240.2	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	151.139.242.29 151.139.242.29	33438 (STACKPATH) (STACKPATH)
9	2405:f980::1:13 2405:f980::1:13	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
2	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
4	138.199.37.231 138.199.37.231	60068 (CDN77 ^_^) (CDN77 ^_^)
1	89.187.169.3 89.187.169.3	60068 (CDN77 ^_^) (CDN77 ^_^)
34	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
55	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:17e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	171.244.15.69 171.244.15.69	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
4	123.30.139.122 123.30.139.122	7643 (VNPT-AS-V...) (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT)
4	2606:4700:10:... 2606:4700:10::ac43:1755	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7c60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.79.126.27 45.79.126.27	63949 (LINODE-AP...) (LINODE-AP Linode)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.255.154.87 54.255.154.87	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
8	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	198.47.127.22 198.47.127.22	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	3.120.3.232 3.120.3.232	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1 1	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
1 2	52.30.246.43 52.30.246.43	16509 (AMAZON-02) (AMAZON-02)
1	34.251.71.171 34.251.71.171	16509 (AMAZON-02) (AMAZON-02)
2	104.16.200.58 104.16.200.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2606:4700::68... 2606:4700::6810:75c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	123.30.151.88 123.30.151.88	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
4	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
41	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
21 26	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
10 20	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 15	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
6	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
37	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
17	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	42.112.37.35 42.112.37.35	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1	14.225.10.21 14.225.10.21	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
10 10	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
5	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
4 8	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
4	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
4	52.56.49.215 52.56.49.215	16509 (AMAZON-02) (AMAZON-02)
2 2	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
5	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	65.9.66.42 65.9.66.42	16509 (AMAZON-02) (AMAZON-02)
4	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5	2405:f980::1:10 2405:f980::1:10	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
6	123.30.139.73 123.30.139.73	7643 (VNPT-AS-V...) (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT)
5	2606:4700:303... 2606:4700:3038::6815:eb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	211.21.190.218 211.21.190.218	3462 (HINET Dat...) (HINET Data Communication Business Group)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.56.221.73 52.56.221.73	16509 (AMAZON-02) (AMAZON-02)
11	35.227.207.122 35.227.207.122	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	14.225.10.11 14.225.10.11	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2 7	2606:4700:10:... 2606:4700:10::ac43:2682	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	188.65.124.90 188.65.124.90	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
15	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1	123.30.151.81 123.30.151.81	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
6	188.65.124.59 188.65.124.59	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	188.65.124.91 188.65.124.91	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	52.163.176.16 52.163.176.16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	211.22.126.82 211.22.126.82	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	104.215.146.81 104.215.146.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.98.75.180 23.98.75.180	() ()
644	108

87 42.117.1.227 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

bongdaplus.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.151.240.2 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

cdn.bongdaplus.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (STACKPATH, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2405:f980::1:13 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

media1.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.contineljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.aiservice.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

gamma.cachefly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.37.231 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-231.datapacket.com

cdn.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:17e (United States)

ASN13335 (CLOUDFLARENET, US)

increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 171.244.15.69 (Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

script.novanet.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.novanet.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 123.30.139.122 (Viet Nam)

ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN)
PTR: static.vnpt.vn

pub.lavanetwork.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub.lavamedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:1755 (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a72 (United States)

ASN13335 (CLOUDFLARENET, US)

secureads.increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.79.126.27 (Mumbai, India)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 45-79-126-27.ip.linodeusercontent.com

api.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.255.154.87 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-154-87.ap-southeast-1.compute.amazonaws.com

tag.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.96.200.41 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.3.232 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-3-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.229.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.18.111 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.246.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.71.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-71-171.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:75c3 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 123.30.151.88 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

lg1.logging.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 216.58.212.130 (United States) 21 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.19.126 (None, ) 10 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.172.250 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.164 (Nagold, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 42.112.37.35 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

adi.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.225.10.21 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn

adminplayer.sohatv.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 145.239.193.130 (France) 10 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.233.14.134 (Oberschleissheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.56.49.215 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.99.218 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-42.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2405:f980::1:10 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

sspapi.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg.nanda.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 123.30.139.73 (Viet Nam)

ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN)
PTR: betteabs.net

delivery.lavamedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3038::6815:eb59 (United States)

ASN13335 (CLOUDFLARENET, US)

player.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 211.21.190.218 (Hsinchu County, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net

ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.56.221.73 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.227.207.122 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 122.207.227.35.bc.googleusercontent.com

pixel.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.225.10.11 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn

rec.aiservice.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

bd.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:2682 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.65.124.90 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com

geo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

static1.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vendorlist.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.151.81 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

fgp.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.65.124.59 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.91 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com

speedtest.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

dmxleo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.163.176.16 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tenmaxsgads.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 211.22.126.82 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-22-126-82.hinet-ip.hinet.net

ads-cdn.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.215.146.81 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rtb.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.98.75.180 (None, )

ASN- ()

ads.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
109	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 285	827 KB
96	bongdaplus.vn bongdaplus.vn — Cisco Umbrella Rank: 253347 cdn.bongdaplus.vn — Cisco Umbrella Rank: 336254	3 MB
59	doubleclick.net 21 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 108 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303	549 KB
38	redintelligence.net 5 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 44819 hal90001.redintelligence.net — Cisco Umbrella Rank: 352849 hal900027.redintelligence.net — Cisco Umbrella Rank: 382082 hal900025.redintelligence.net — Cisco Umbrella Rank: 401162 hal90006.redintelligence.net — Cisco Umbrella Rank: 308040 hal900020.redintelligence.net — Cisco Umbrella Rank: 405374	928 KB
37	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	1 MB
20	casalemedia.com 10 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	17 KB
20	admicro.vn media1.admicro.vn — Cisco Umbrella Rank: 33787 lg1.logging.admicro.vn — Cisco Umbrella Rank: 28113 adi.admicro.vn — Cisco Umbrella Rank: 43494 sspapi.admicro.vn — Cisco Umbrella Rank: 43408	190 KB
18	tenmax.io ssp.tenmax.io — Cisco Umbrella Rank: 105560 ads-cdn.tenmax.io — Cisco Umbrella Rank: 282628 rtb.tenmax.io — Cisco Umbrella Rank: 194645 ads.tenmax.io	241 KB
16	gliacloud.com player.gliacloud.com — Cisco Umbrella Rank: 60577 pixel.gliacloud.com — Cisco Umbrella Rank: 61533	189 KB
16	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 ajax.googleapis.com — Cisco Umbrella Rank: 286 imasdk.googleapis.com — Cisco Umbrella Rank: 440	667 KB
16	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 604	31 KB
15	dmcdn.net static1.dmcdn.net — Cisco Umbrella Rank: 9496 vendorlist.dmcdn.net — Cisco Umbrella Rank: 12670	533 KB
12	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 22849 api.webgains.io — Cisco Umbrella Rank: 57585	340 KB
12	medialead.de 12 redirects pv.medialead.de — Cisco Umbrella Rank: 47242 medialead.de — Cisco Umbrella Rank: 46815	5 KB
12	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7117 c.mgid.com — Cisco Umbrella Rank: 5010 cdn.mgid.com — Cisco Umbrella Rank: 9229 servicer.mgid.com — Cisco Umbrella Rank: 7251 s-img.mgid.com — Cisco Umbrella Rank: 4261 cm.mgid.com — Cisco Umbrella Rank: 2193	149 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	150 KB
11	google.com www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	2 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492 sshowads.pubmatic.com — Cisco Umbrella Rank: 14158 aktrack.pubmatic.com — Cisco Umbrella Rank: 964 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493 image6.pubmatic.com — Cisco Umbrella Rank: 634	91 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	373 KB
8	retailads.net 4 redirects cdn.retailads.net — Cisco Umbrella Rank: 216319	22 KB
8	aralego.com hb.aralego.com — Cisco Umbrella Rank: 18883 sync.aralego.com — Cisco Umbrella Rank: 2851	2 KB
8	lavamedia.vn pub.lavamedia.vn — Cisco Umbrella Rank: 213896 delivery.lavamedia.vn — Cisco Umbrella Rank: 108862	8 KB
7	adbro.me 2 redirects tag.adbro.me — Cisco Umbrella Rank: 25828 cdn.adbro.me — Cisco Umbrella Rank: 28126 apis.adbro.me — Cisco Umbrella Rank: 34943	66 KB
6	dm-event.net pebed.dm-event.net — Cisco Umbrella Rank: 10587	1 KB
6	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1030	1 KB
6	openx.net us-u.openx.net — Cisco Umbrella Rank: 399	870 B
6	unibots.in cdn.unibots.in — Cisco Umbrella Rank: 46004 api.unibots.in — Cisco Umbrella Rank: 41197	30 KB
5	dailymotion.com geo.dailymotion.com — Cisco Umbrella Rank: 10062 www.dailymotion.com — Cisco Umbrella Rank: 10460 speedtest.dailymotion.com — Cisco Umbrella Rank: 11039 dmxleo.dailymotion.com — Cisco Umbrella Rank: 9656	35 KB
5	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 91389	375 KB
5	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46022	1 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	339 B
4	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 67755	7 KB
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 47115	7 KB
4	futalis.de futalis.de — Cisco Umbrella Rank: 256925	2 KB
4	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 271855	3 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	1 KB
4	cacafly.net tenmax-static.cacafly.net — Cisco Umbrella Rank: 94479	55 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	235 KB
3	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 582 token.rubiconproject.com — Cisco Umbrella Rank: 711	11 KB
3	aiservice.vn js.aiservice.vn — Cisco Umbrella Rank: 43772 rec.aiservice.vn — Cisco Umbrella Rank: 45491	2 KB
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 820 ad.crwdcntrl.net — Cisco Umbrella Rank: 6964	553 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	gammaplatform.com tag.gammaplatform.com — Cisco Umbrella Rank: 95969 cm.gammaplatform.com — Cisco Umbrella Rank: 32949	3 KB
3	increaserev.com increaserev.com — Cisco Umbrella Rank: 76147 secureads.increaserev.com — Cisco Umbrella Rank: 93380	15 KB
2	windows.net tenmaxsgads.blob.core.windows.net — Cisco Umbrella Rank: 335340	5 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	philacct.com static.philacct.com — Cisco Umbrella Rank: 60499 fgp.philacct.com — Cisco Umbrella Rank: 46552	15 KB
2	amcdn.vn amcdn.vn — Cisco Umbrella Rank: 32716 static.amcdn.vn — Cisco Umbrella Rank: 37936	9 KB
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 6857	438 B
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 6689	25 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2016	1 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 508 cdn.id5-sync.com — Cisco Umbrella Rank: 1301	13 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	103 KB
2	lavanetwork.net pub.lavanetwork.net — Cisco Umbrella Rank: 267453	2 KB
2	novanet.vn script.novanet.vn — Cisco Umbrella Rank: 206965 ads.novanet.vn — Cisco Umbrella Rank: 195549 Failed	10 KB
2	cachefly.net gamma.cachefly.net — Cisco Umbrella Rank: 79555	8 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13009	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	87 KB
1	urekamedia.com bd.urekamedia.com — Cisco Umbrella Rank: 164750	3 KB
1	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2946	1 KB
1	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 8473	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	476 B
1	nanda.vn lg.nanda.vn — Cisco Umbrella Rank: 42739	464 B
1	contineljs.com static.contineljs.com — Cisco Umbrella Rank: 41176	4 KB
1	sohatv.vn adminplayer.sohatv.vn — Cisco Umbrella Rank: 39784	10 KB
1	ambientdsp.com 1 redirects cm.ambientdsp.com — Cisco Umbrella Rank: 24110	591 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	265 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5826	194 B
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 6427	447 B
1	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 82074	40 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 17845	27 KB
644	73

	Domain	Requested by
87	bongdaplus.vn	bongdaplus.vn
55	pagead2.googlesyndication.com	bongdaplus.vn 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
41	tpc.googlesyndication.com	5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net bongdaplus.vn
37	s0.2mdn.net	bongdaplus.vn s0.2mdn.net imasdk.googleapis.com
26	cm.g.doubleclick.net	21 redirects googleads.g.doubleclick.net
20	dsum-sec.casalemedia.com	10 redirects googleads.g.doubleclick.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com bongdaplus.vn
17	hal9000.redintelligence.net	5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal900027.redintelligence.net hal90001.redintelligence.net hal900020.redintelligence.net hal900025.redintelligence.net
15	ib.adnxs.com	8 redirects googleads.g.doubleclick.net acdn.adnxs.com
14	static1.dmcdn.net	geo.dailymotion.com static1.dmcdn.net
11	pixel.gliacloud.com	bongdaplus.vn
10	pv.medialead.de	10 redirects
9	ads-cdn.tenmax.io	tenmax-static.cacafly.net ads-cdn.tenmax.io
9	fonts.gstatic.com	fonts.googleapis.com
9	lg1.logging.admicro.vn	bongdaplus.vn media1.admicro.vn
9	5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	www.googletagservices.com	cdn.unibots.in 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
9	cdn.bongdaplus.vn	bongdaplus.vn tag.adbro.me
8	api.webgains.io	analytics.webgains.io
8	fonts.googleapis.com	hal900027.redintelligence.net hal90001.redintelligence.net hal900020.redintelligence.net hal900025.redintelligence.net player.gliacloud.com
8	cdn.retailads.net	4 redirects futalis.de
8	www.google.com	bongdaplus.vn 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com tpc.googlesyndication.com
7	hb.aralego.com	cdn.jsdelivr.net
7	securepubads.g.doubleclick.net	bongdaplus.vn securepubads.g.doubleclick.net bd.urekamedia.com
7	media1.admicro.vn	bongdaplus.vn tag.gammaplatform.com media1.admicro.vn
6	pebed.dm-event.net	geo.dailymotion.com static1.dmcdn.net
6	ssp.tenmax.io	tenmax-static.cacafly.net
6	delivery.lavamedia.vn	pub.lavamedia.vn delivery.lavamedia.vn bongdaplus.vn
6	googleads4.g.doubleclick.net	bongdaplus.vn
6	sync.teads.tv	googleads.g.doubleclick.net
6	us-u.openx.net	googleads.g.doubleclick.net
5	player.gliacloud.com	bongdaplus.vn player.gliacloud.com
5	ad-server.eu	5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal90006.redintelligence.net
5	pb.media01.eu	hal900027.redintelligence.net hal90001.redintelligence.net hal90006.redintelligence.net hal900020.redintelligence.net hal900025.redintelligence.net
5	hal90006.redintelligence.net	1 redirects 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal90006.redintelligence.net
5	ads.pubmatic.com	bongdaplus.vn jsc.mgid.com cdn.jsdelivr.net
5	www.facebook.com	bongdaplus.vn connect.facebook.net
4	tag.adbro.me	2 redirects bongdaplus.vn
4	imasdk.googleapis.com	player.gliacloud.com geo.dailymotion.com static1.dmcdn.net imasdk.googleapis.com
4	ajax.googleapis.com	hal90006.redintelligence.net s0.2mdn.net
4	cdn.track.production.webgains.team	5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com track.webgains.com
4	analytics.webgains.io	track.webgains.com
4	track.webgains.com	bongdaplus.vn
4	futalis.de	hal900027.redintelligence.net hal90001.redintelligence.net hal900020.redintelligence.net hal900025.redintelligence.net
4	adv.office-partner.de	hal900027.redintelligence.net hal90001.redintelligence.net hal900020.redintelligence.net hal900025.redintelligence.net
4	hal900020.redintelligence.net	1 redirects 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal900020.redintelligence.net
4	hal900025.redintelligence.net	1 redirects 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal900025.redintelligence.net
4	hal900027.redintelligence.net	1 redirects 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal900027.redintelligence.net
4	hal90001.redintelligence.net	1 redirects 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com hal90001.redintelligence.net
4	s-img.mgid.com	bongdaplus.vn
4	tenmax-static.cacafly.net	bongdaplus.vn tenmax-static.cacafly.net
4	cdn.unibots.in	bongdaplus.vn cdn.unibots.in
4	www.googletagmanager.com	bongdaplus.vn cdn.unibots.in www.googletagmanager.com player.gliacloud.com
3	ade.googlesyndication.com
3	adi.admicro.vn	media1.admicro.vn
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rtb.tenmax.io	tenmax-static.cacafly.net
2	tenmaxsgads.blob.core.windows.net	tenmax-static.cacafly.net
2	www.gstatic.com	static1.dmcdn.net www.gstatic.com
2	geo.dailymotion.com	player.gliacloud.com geo.dailymotion.com
2	cdn.adbro.me	bongdaplus.vn
2	rec.aiservice.vn	bongdaplus.vn
2	sync.search.spotxchange.com	1 redirects bongdaplus.vn
2	eus.rubiconproject.com	cdn.jsdelivr.net eus.rubiconproject.com
2	medialead.de	2 redirects
2	mug.criteo.com	bongdaplus.vn
2	gum.criteo.com	1 redirects
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	bongdaplus.vn
2	pre.glotgrx.com	bongdaplus.vn
2	image6.pubmatic.com	ads.pubmatic.com
2	pixel.yabidos.com	tag.gammaplatform.com pixel.yabidos.com
2	bcp.crwdcntrl.net	1 redirects bongdaplus.vn
2	cm.gammaplatform.com	bongdaplus.vn
2	ads.betweendigital.com	2 redirects
2	cdn.jsdelivr.net	cdn.unibots.in player.gliacloud.com
2	api.unibots.in	cdn.unibots.in cdn.jsdelivr.net
2	secureads.increaserev.com	increaserev.com
2	pub.lavamedia.vn	bongdaplus.vn tag.adbro.me
2	pub.lavanetwork.net	bongdaplus.vn ads.novanet.vn
2	jsc.mgid.com	bongdaplus.vn jsc.mgid.com
2	gamma.cachefly.net	bongdaplus.vn ads.pubmatic.com
2	images.dmca.com	bongdaplus.vn
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	bongdaplus.vn connect.facebook.net
1	ads.tenmax.io
1	apis.adbro.me	tag.adbro.me
1	dmxleo.dailymotion.com	static1.dmcdn.net
1	speedtest.dailymotion.com	static1.dmcdn.net
1	vendorlist.dmcdn.net	static1.dmcdn.net
1	www.dailymotion.com	geo.dailymotion.com
1	fgp.philacct.com	bongdaplus.vn
1	5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bd.urekamedia.com	adi.admicro.vn
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.aralego.com	cdn.aralego.net
1	biddr.brealtime.com	cdn.jsdelivr.net
1	acdn.adnxs.com	cdn.jsdelivr.net
1	cdn.aralego.net	cdn.jsdelivr.net
1	static.amcdn.vn	lg1.logging.admicro.vn
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.philacct.com	media1.admicro.vn
1	lg.nanda.vn	bongdaplus.vn
1	amcdn.vn	bongdaplus.vn
1	js.aiservice.vn	media1.admicro.vn
1	static.contineljs.com	media1.admicro.vn
1	sspapi.admicro.vn	media1.admicro.vn
1	ads.novanet.vn	script.novanet.vn bongdaplus.vn
1	adminplayer.sohatv.vn	media1.admicro.vn
1	cdn.id5-sync.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	ad.crwdcntrl.net	tag.gammaplatform.com
1	cm.ambientdsp.com	1 redirects
1	match.adsrvr.org	tag.gammaplatform.com
1	hbopenbid.pubmatic.com	cdn.jsdelivr.net
1	id5-sync.com	cdn.jsdelivr.net
1	region1.google-analytics.com	www.googletagmanager.com
1	pro.ip-api.com	cdn.unibots.in
1	tag.gammaplatform.com	gamma.cachefly.net
1	aktrack.pubmatic.com	ads.pubmatic.com
1	sshowads.pubmatic.com	ads.pubmatic.com
1	www.cloudflare.com	increaserev.com
1	script.novanet.vn	bongdaplus.vn
1	increaserev.com	bongdaplus.vn
1	www.google.de	bongdaplus.vn
1	cdn.unibotscdn.com	bongdaplus.vn
1	anymind360.com	bongdaplus.vn
644	131

This site contains links to these domains. Also see Links.

Domain
bongdaphui.net
facebook.com
www.youtube.com
member.bongdaplus.vn
www.dmca.com

Subject Issuer	Validity	Valid
*.bongdaplus.vn Sectigo RSA Domain Validation Secure Server CA	`2021-09-13` - `2022-09-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2021-11-25` - `2022-11-02`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2021-10-18` - `2022-11-19`	a year	crt.sh
anymind360.com R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
cdn.unibots.in R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
cdn.unibotscdn.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.novanet.vn Sectigo RSA Domain Validation Secure Server CA	`2021-11-03` - `2022-11-03`	a year	crt.sh
pub.lavanetwork.net R3	`2022-07-08` - `2022-10-06`	3 months	crt.sh
pub.lavamedia.vn R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2022-08-18` - `2023-08-18`	a year	crt.sh
api.unibots.in R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
*.gammaplatform.com Go Daddy Secure Certificate Authority - G2	`2022-06-15` - `2023-07-17`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.logging.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2022-06-17` - `2023-07-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
*.sohatv.vn Sectigo RSA Domain Validation Secure Server CA	`2021-10-29` - `2022-10-09`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.futalis.de R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
delivery.lavamedia.vn R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
gliacloud.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.contineljs.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-10-24`	a year	crt.sh
*.aiservice.vn Sectigo RSA Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
*.amcdn.vn Sectigo RSA Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
*.nanda.vn Sectigo RSA Domain Validation Secure Server CA	`2022-05-28` - `2023-06-28`	a year	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.philacct.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-10-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
pixel.gliacloud.com GTS CA 1D4	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2022-08-12` - `2022-11-10`	3 months	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2022-08-16` - `2022-11-14`	3 months	crt.sh
speedtest.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2022-08-27` - `2022-11-25`	3 months	crt.sh
dmxleo.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-08-17` - `2023-08-17`	a year	crt.sh

This page contains 76 frames:

Primary Page: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Frame ID: 816FA8EE05FAEDDF3F40F364D1747F21
Requests: 280 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 4047D97FE61D02DFA4CB006FF92496C9
Requests: 1 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D710DDAE11F70F813CB6A2874103AF8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Frame ID: 2FF4902B102E7785766487622EA33D0C
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=166173396067546113891
Frame ID: F3B84915182D6E4A8D82DE3E232EA7C6
Requests: 1 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 98681AE2D8FBAF75E60CF0A4625DF2CD
Requests: 12 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A6A13F1127732E155A9AF38A9630A40
Requests: 17 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 312FE22895B07E9493A457D3291C097B
Requests: 17 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB3E5DD22EA54D1E56718563D5726B68
Requests: 17 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C7C01E5575877A4918E42AFD8872B64
Requests: 16 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D6524E9A0CAE9B34B50C84DDE97D12A6
Requests: 16 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB4CECC68C8F344AF98E3E3F77A598C7
Requests: 17 HTTP requests in this frame

Frame: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 387CDC25C630BDBC6A03BF6057E45754
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUHoWjr9RTX--kViCq93ut7ha-nk6Ki98SCo_5ND4QZInMM1tZtbnNwTtcADRqNHPBCidtrprmDaJ0VhVlQU9_-6G7PQuRg8eyqnF7JyS3YGXfNUnsyQXFS32PKSlL2gpD9d1bdK9izMYusU2rtjxNSBus3fVoZaSWXmLdE605bxMK6ip4
Frame ID: 0C474B37F61F5C45266DC95A27EE437A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNXI5vf6I873N3WrWtVVxVKzT-1AdZzJEEnAUzL_ufkdNVqIteYX48QKWKA8t_8AJgTYtk8sMjRicCY3zIIlbS7a_Sll2FSkEAlpSkMfR4X-rjEgw632BWUfKgNvUXal92oXd1fhbeiE9C_8S0JkOQSLHFFoi1u2gi2MF1zqFoVdLV-48Nk
Frame ID: 09191C0625E3C242A75C0AC77E2EFEA6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUOcMZ5aD1M_qfELpKDIoZnB9daIsZvynv6WLsfzGsb1BhokrX5_rXHy2GklSEp-N8qO-PNARH8OGGp9NmSsK2E_R6Cr6FvDkkmPxU3q7PlIRNVLDwYrOBBz53dlWws2IZWE65ZRZPpLc9j4A2QhDKonzri9DMXAQCiUZZ14Zr_lNmbCuk
Frame ID: 49346B6CE3D002DBD9CD3122137DA87C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNX4dOi9DkhKK1tLxeiQRbbrdKMJ4xzYYrbsNW2TB-pOB_L3gjID_xbdMRVWxKZEtDmAil_9EWFyNtkDQf1DbyXUFKpMCkhgSwWdTs0aAeFru9R1AayyAxj251zCoExS2GRk92hjfZNC0_VOUWtkaEv7fqej5_J5EQhu0wpLEHS6TTIat2c
Frame ID: 6F1CE8FD4D298582D448E6040E4A735C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUx-2SOWXScd0j3lLSLrYUFwtrzRjWsKnQWLFKhsnbA8irSBe8M3JlPFMbe3Ai8p4wGYaLFPNnQk9eI6qW79iEppQdbbASfaBmfUOz9Ism2yBqLHSv0hHbUdoVytraJIxrvROmLXp5GQASy1VxNEctdi8wXp4j4aOxw3cBiD6-Y9za81SM
Frame ID: E521EC643F09930789B0CEAD60C9782E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWpIi-0e-81QGfsWRUI2VTTh5xx7Yo9MtiGHAFAHaZjmz2kA7OcFfrbMKv8Cu807psKucqMeQJsbvw18nqLi8ODIAISKmtDaHUaxjfm0R-olnqdfoFRcyrJdF4C-HQ_EyVBvTytlG7c_vBALo9HcEWc0HMlBmhyNcdVyIJpOCY-c-UIfdI
Frame ID: FD0042CCF85966082845A031893E179C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWQpUkyI9ZblLbQ94CBHkaQCfP28g-ow_iHh52JueOEwFqzS2vCLMIJWtXhH2vRom2UFcZyAEoA9XbT63RERWk5ipfE_XqQciqqb_m4Mo6ojEbi7_U36jJANfnBGZLNwgslYJ4C0KMWWcnoQ41RWIFRRWW8opw1KsSJtIAveaIl4Zdo5eY
Frame ID: 01A02895827BA6F49F3D04E02F8290DC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNX1lUnf2mKKe9AvNhCwXWzTT__hPVyYtvPIHWXvwvO_-HOfMX7nKlKeWe3qZJWXQ6owTpU0YF79yzSV2uGJL3kYxuTkiaT7-tCwF6_kCfo2vm6vk_bNJpX2SmFlN_ShkKcu0rZivNe-7QIACbw-0z09ryKw1Qxkvs6-n1ohcUbBRtBWQjI
Frame ID: F245068762584A12359AA6F272A732FC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0E13EBF071D4A38BFBA1E20940C8162
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 69C50FBB15C39ABC77CBC7F881C56545
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 245DF453C1FCE6B3950E089F757DBF6D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4AEAB2211E972FAB1777B8FB8EBE9B20
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A3B2FB22DB73893B9CBE054314B650B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
Frame ID: 86F09AC11181B3C3128F829EAE1851A8
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
Frame ID: 67ED6D9068316721366CA029658358BC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0506D4C12E7A846AD4A0A25F50D44FEF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
Frame ID: 5ED0D807419CF5B40EB8056DB5C3C4D2
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1043F8BF69217F8CEEF9356C4BEBF77D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 12519C01BC9B3F0BBC712371D0CF8CE2
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53753900006868500757597012066027&actionid=981741&produktid=&dt_url=
Frame ID: AD8136D0485D36EE6C63585E31B44AB2
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 91359DC32319784AC185E9643FC7E62A
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844595
Frame ID: 76FF4138AA310BAD943085EA86221A1E
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
Frame ID: D07832AE4CF7C3D9AB9178D5F4BBA3BF
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95808200007473000757597012066001&actionid=981741&produktid=&dt_url=
Frame ID: 82D9C2A4A6D64BA595DB10B5050C243F
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CA41D08BF530BB3C1556268915A2CD3B
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844596
Frame ID: 682D78434D8AFFBB0D1DF1B20B129D3A
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
Frame ID: C995EE4AFAAC42DA09E1CFE8B555D547
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78214100005187700757589012066006&actionid=981741&produktid=&dt_url=
Frame ID: 0B69E3590C87AA081398AAAF33713B1D
Requests: 1 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
Frame ID: 0BD7AC3596F996762FF7098AE34F4B78
Requests: 6 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=59070900006437100757597012066020&actionid=981741&produktid=&dt_url=
Frame ID: 6A347FF957490B608E533C91691C2E58
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A234F43D406473B11DEAF5731142EF47
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844597
Frame ID: 630EE030FD147D523FF1E15BA1513AD9
Requests: 2 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
Frame ID: 43B80F332AC10BABD8D86FAA71EB33CE
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88680000006069900757597012066025&actionid=981741&produktid=&dt_url=
Frame ID: B639A447E9E440CD250291A2E25B937C
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1694AE0D13FDFC138ECFA5D4CD8F20C1
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844598
Frame ID: 35B88B31C9015E07794C1620317E9F03
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
Frame ID: CB7F34D3A407F554D91BFC0BFE736AD2
Requests: 8 HTTP requests in this frame

Frame: https://ads.novanet.vn/Ad?ssl=true&v=1661733961923&ssl=true&zone=10484&url=https%3A%2F%2Fbongdaplus%2Evn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208%2Ehtml&host=bongdaplus%2Evn&ref=&hl=2&br=3&brver=104&osname=1&osver=0&width=300&height=250&time=923&h5e=true&nnc=null&cenable=true&newnnc=false
Frame ID: A51D89F7B4A5A05AD7A6B1CBDAFBF45F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=322171506365362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1061b56305a7%26domain%3Dbongdaplus.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbongdaplus.vn%252Ff4c62d8fc218%26relation%3Dparent.parent&container_width=104&href=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=
Frame ID: 984B96A81885FAE687AF8A9B7A3BC486
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=322171506365362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df364d48c5f4c944%26domain%3Dbongdaplus.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbongdaplus.vn%252Ff4c62d8fc218%26relation%3Dparent.parent&container_width=480&href=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=
Frame ID: 884E0BE332E692E99E8DFA0A6184994D
Requests: 1 HTTP requests in this frame

Frame: https://lg1.logging.admicro.vn/_tracking1.gif?dg=b7ba1c1e4c54b4a41c44986e6dd206e7&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=bongdaplus.vn&cat=&g=0&i=s%3B1661733961229%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B1%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3BGA1.1.1419012330.1661733957%3B-1661733956173%3B244%3B465%3B355%3B230%3B0%3B-1661733956173%3B-1661733956173&rdm=0.750710073728313&p=%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&r=&ce=1&lc=&cr=&ui=
Frame ID: 39674316E406A90CC2CA168B5CC7F34D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Frame ID: 4384AEF42C657060AA09770D318437AC
Requests: 2 HTTP requests in this frame

Frame: https://ads.novanet.vn/Ad?ssl=true&v=1661733961923&ssl=true&zone=10484&url=https%3A%2F%2Fbongdaplus%2Evn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208%2Ehtml&host=bongdaplus%2Evn&ref=&hl=2&br=3&brver=104&osname=1&osver=0&width=300&height=250&time=923&h5e=true&nnc=null&cenable=true&newnnc=false
Frame ID: E8FFF3E0C0EFB4417A3B7AB41554503E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5230701648443988&output=html&adk=1812271804&adf=3025194257&lmt=1661733962&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661733962099&bpp=1&bdt=4859&idt=372&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dea40787c55c69d63-225cb19e0ace006b%3AT%3D1661733960%3AS%3DALNI_Ma2-t7MnWOjS1c_Rg1UIYlq5cUN9w&nras=1&correlator=8594868465618&frm=20&pv=2&ga_vid=1419012330.1661733957&ga_sid=1661733960&ga_hid=1119592781&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44768832%2C31069108%2C21065724%2C31064018&oid=2&pvsid=1105031247096242&tmod=399087720&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=10&uci=a!a&fsb=1&dtd=389
Frame ID: 44FEE145F02091377E6894F400BA9AA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: F67BC5ECF9DCB9E8F785DFA2C4F922B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 3341E8A97F01C779345F497BB4ACB8DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 9018DE4610D82AB3019365754EA3F8C8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A8851104D09E558FB2297AF9C4E796BC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: EE2630FF26F63574E133597FAA4C6766
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Frame ID: 62C775290A1C9496BA9765F975A3811B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 453CB0A42EE91CB21671361D07BA65B9
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 27A7E4646415C930D0E22EEC7726A848
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6233069DA835A322E13CE65240563180
Requests: 8 HTTP requests in this frame

Frame: https://5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B831BA87B936DF7D85182783EFCC8F03
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FBEF1D221549D16386DD2DDB93A2B95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62F154DCE8C8ECF069DDDA9F14A2DA7D
Requests: 2 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Frame ID: F0DCDDD883629CB3C149B4A44D81948A
Requests: 24 HTTP requests in this frame

Frame: https://fgp.philacct.com/genuuidpc
Frame ID: 7358F10565DCB61298AE1817DCB414D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D56D1BCEB7AE69DE572F9E8AEC2D871D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F70C7C63E31A3625C4766AC45CDE2FC4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 586D66365BA94453D4F90CF7D20DB5FD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html
Frame ID: 2DE41EDB1AB82A48DB351A9117A4A71C
Requests: 1 HTTP requests in this frame

Frame: https://tenmaxsgads.blob.core.windows.net/template-v2/domainMapping.js
Frame ID: 62F6B8BB00A5D13F5A9BA89539245A1E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viettel & Bình Định cùng thắng: Nhà giàu vượt khó

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

644
Requests

92 %
HTTPS

33 %
IPv6

73
Domains

131
Subdomains

108
IPs

15
Countries

11072 kB
Transfer

21632 kB
Size

75
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://bongdaphui.net/
Title: Bóng đá phủi

Search URL Search Domain Scan URL

URL: https://facebook.com/Baobongda

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmn1v6lrIDZghUfbxXaorUw

Search URL Search Domain Scan URL

URL: https://member.bongdaplus.vn/
Title: Đăng nhập

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=9753a5d8-c1fa-42e2-876e-3a12383d7ae0&refurl=https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://x.bidswitch.net/sync?ssp=ambient HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=ambient HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dambient%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dambient%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=642d30f7-1fcb-52f1-8a46-e862e94ae42a&ssp=ambient&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://cm.gammaplatform.com/adx/recv?pid=7&uid=ae01ed06-a198-4672-80df-01a8109778cc

Request Chain 102

https://cm.ambientdsp.com/cm/send?vc=gaj HTTP 301
https://cm.gammaplatform.com/adx/recv?pid=31&uid=wuoznpkz565

Request Chain 103

https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=8n7tp79ixfrj HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=8n7tp79ixfrj

Request Chain 141

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbongdaplus.vn%2F&domain=bongdaplus.vn&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xJc8fXx0M2UyTVJJVnZ3c1l0T1pPcm4za0NJL1JWTFpZQXk4ckM3bzlacTFiN1ZPSEZ0YTlpbG9CQ1o1WC9VSGlqTHJ2dVZVQXV1amdTNGRSdFJOaHNIVlMyODVnSzRydkxLeG96VDVEVHVrd3NZMHZzL09Eb0hXSnhtbUJiY3prN1ZFMnBXa0I2bitJaG15Y0hRTlFEMGtmNXlKU2xJbkNJVkk4bHBSUlllR1JCMFVGQXZHVytodkxHd3NxcmxuckNBdC9tUXZBK2NrL0R6U2dOdFpIVUpEcmxGRFI1Rkw5RGVXYm5peDNUdFRnZzVFPXw&cppv=2

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM7U3fIxu3gkoKtW1PiHxjI&google_cver=1

Request Chain 196

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBFnY1XRVd0ABf86ZImaHy0&google_cver=1

Request Chain 198

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1

Request Chain 200

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Request Chain 202

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1

Request Chain 204

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Request Chain 206

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 208

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Request Chain 210

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1

Request Chain 263

https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 264

https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 265

https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 266

https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8990420258023&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8990420258023&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 267

https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 297

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=53753900006868500757597012066027&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53753900006868500757597012066027&actionid=981741&produktid=&dt_url=

Request Chain 299

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=53753900006868500757597012066027&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844595

Request Chain 302

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53753900006868500757597012066027 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53753900006868500757597012066027 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 307

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=95808200007473000757597012066001&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95808200007473000757597012066001&actionid=981741&produktid=&dt_url=

Request Chain 309

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=95808200007473000757597012066001&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844596

Request Chain 312

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=95808200007473000757597012066001 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 321

https://pv.medialead.de/trck/epv/e99aace94e6e5873b94a5452a6696367?subid=78214100005187700757589012066006&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78214100005187700757589012066006&actionid=981741&produktid=&dt_url=

Request Chain 323

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=59070900006437100757597012066020&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=59070900006437100757597012066020&actionid=981741&produktid=&dt_url=

Request Chain 325

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=59070900006437100757597012066020&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844597

Request Chain 328

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=59070900006437100757597012066020 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=59070900006437100757597012066020 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 333

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=88680000006069900757597012066025&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88680000006069900757597012066025&actionid=981741&produktid=&dt_url=

Request Chain 335

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=88680000006069900757597012066025&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844598

Request Chain 338

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=88680000006069900757597012066025 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 346

https://pv.medialead.de/trck/eview/e99aace94e6e5873c65e55b1331dd3d1?subid=78214100005187700757589012066006 HTTP 302
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.jpg

Request Chain 517

https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=f5bcb2ce-2733-11ed-9fdc-1365eaaf0206

Request Chain 562

https://tag.adbro.me/tags/ptag.js HTTP 302
https://cdn.adbro.me/ptag.js

Request Chain 641

https://tag.adbro.me/tags/ptag.js HTTP 302
https://cdn.adbro.me/ptag.js

644 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html Show response
bongdaplus.vn/v-league/ 171 KB
40 KB 1065ms
355ms Document
text/html 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a05abfa9ba902a9800f3a0a167ef489c66dbe7a072c4143146b69ade3038e321

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 40553
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:45:57 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20374657-1

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d99d75a84d928b19c3a8a725a2fc4285412f96242e11af976306a10d51a26eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42103
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Aug 2022 00:45:57 GMT

GET
H2 200 css
bongdaplus.vn/Content/ 331 KB
95 KB 454ms
454ms Stylesheet
text/css 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c4da19491323d8d60c03e8853f7ee48a90b310f2b77401549e1ea38c92279dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 00:45:58 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public
expires: Tue, 29 Aug 2023 00:45:58 GMT

GET
H2 200 seag.css
bongdaplus.vn/Content/ 19 KB
4 KB 231ms
231ms Stylesheet
text/css 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/Content/seag.css?new=574632
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 927cacfdc833169c7198028d74935bb628fa945bea160684d92ac24a2513c0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
etag: "80a1bc26468d81:0"
last-modified: Sun, 15 May 2022 14:04:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4099

GET
H2 200 chart.css
bongdaplus.vn/Content/ 522 B
408 B 232ms
231ms Stylesheet
text/css 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/Content/chart.css?new=732532
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3f810ee2331d0485b52bcd7ff5ba1c55e32372dd56fe363b9d266aa85a10738e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
etag: "65bbe13dfa6d71:0"
last-modified: Sat, 11 Sep 2021 07:31:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 327

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 34ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b74c67c147f5f4f1c65d8c4a2f58b361dc149bce292b83c074f6462cd9ecde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bongdaplus.vn/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fk0m5XFUn81D66z5kjRh/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Xcm2PazGN6aQY+Fw6DUcdZy9ni59Pse+L9L+UUTB/363zZ8t4e+DmiEds0ry8h9tn+uaRejMX/0w+kbbXKPVJg==
x-fb-trip-id: 686109401
x-fb-content-md5: 7d488293c48c463e98857db698a93bc4
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 29 Aug 2022 00:45:57 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661732808081
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a1569fe57ba9c207d6ad0110b120805a"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 29 Aug 2022 00:46:48 GMT

GET
H2 200 VIETTEL.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/26/ 28 KB
28 KB 834ms
265ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/26/VIETTEL.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33121a190fe341b5d3cca5eca2ee110ff13db5022f49cdb95396e55a8b50db61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
last-modified: Sun, 28 Aug 2022 23:47:08 GMT
server: Microsoft-IIS/10.0
age: 2047
x-powered-by: ASP.NET
etag: "c493c7c38bbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 28636

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a9d5aa629f2ec5743b97feb8a9678338

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

794a517d4fa302a47ad3df8f7566986ee333d2e02ff70a1f265668645574f690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bongdaplus.vn/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KI4zcsLChAa2yU47HlOFWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86514
x-fb-rlafr: 0
x-fb-debug: sgLcH1R97oaS65ihvZlfb08HYMom+xFky1rDvUK8Tq7Il2H+CiCNxCO1oWtY3NlNkRQTchWTItkzkCgC2MVkUQ==
x-fb-trip-id: 686109401
x-fb-content-md5: d49e8cc4f4a9d8026c1d6aac82fa599b
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 29 Aug 2022 00:45:57 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661728367189
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9ef6bbe3f84204b1b4f9f94ceda759ab"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Aug 2023 23:12:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20374657-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6237
date: Sun, 28 Aug 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 29 Aug 2022 01:02:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 38ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=322171506365362&ev=fb_page_view&dl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&rl=&if=false&ts=1661733957341&sw=1600&sh=1200&at=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 29 Aug 2022 00:45:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1119592781&t=pageview&_s=1&dl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&ul=en-us&de=UTF-8&dt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=387823822&gjid=310146704&cid=1419012330.1661733957&tid=UA-20374657-1&_gid=818252612.1661733957&_r=1&gtm=2ou8o0&z=1201169870

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:45:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 72ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20374657-1&cid=1419012330.1661733957&jid=387823822&gjid=310146704&_gid=818252612.1661733957&_u=YEBAAUAAAAAAAC~&z=1621470667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Aug 2022 00:45:57 GMT
content-type: text/plain
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1
bongdaplus.vn/imgthumbnail/375216/0/ 0
83 B 454ms
454ms Image
text/plain 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/imgthumbnail/375216/0/1
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
cache-control: private
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 0

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 150ms
26ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=9753a5d8-c1fa-42e2-876e-3a12383d7ae0
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Wed, 28 Sep 2022 00:45:52 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
633 B 149ms
25ms Script
application/javascript 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Wed, 28 Sep 2022 00:45:42 GMT

GET
H2 200 Arf.min.js Show response
media1.admicro.vn/cms/ 280 KB
88 KB 1241ms
313ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/Arf.min.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 6cffceab84a467166c18ba248a9e6ad6dd700294d65f96284dd7ce09c2f76b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 07:50:24 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:55:58 GMT

GET
H2 200 gaxpt.min.js Show response
gamma.cachefly.net/js/ 14 KB
5 KB 77ms
17ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gamma.cachefly.net/js/gaxpt.min.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 327ab5ac2c2450c2cc55f53076dc4e427e4318ac9c846f4a192dcbe38e711d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 604800.000
x-cf1: 16114:fB.cdg1:co:1625650228:cacheB.cdg1-01:H
gamma-cdn: srv_178
x-cf-reqid: 74a815dce6cf2d47fe305cf89077c0fc
content-length: 4901
x-cf-tsc: 1655329449
x-cf2: H
last-modified: Wed, 07 Jul 2021 09:27:38 GMT
server: CFS 0215
x-cff: B
etag: W/"60e5738a-3873"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf4age: 175514
accept-ranges: bytes
expires: Tue, 30 Aug 2022 00:45:57 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/4124/ 107 KB
27 KB 32ms
7ms Script
application/javascript 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/4124/ats.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e1b49fbe9260523c078550f035d23d8bab2f0a1b5450873965eead957ff0a841

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
age: 60164
x-guploader-uploadid: ADPycdv7VlbjR3niOFOoTTD-6E8PApCOe4KrQh_yXpO0bSka-e_X_YbvrO9ITGzMIFKgFCSWbDzl53L73EESsCWRVr-vLQ
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 27345
x-served-by: cache-tyo11930-TYO, cache-hhn4041-HHN
access-control-allow-origin: *
expires: Sun, 28 Aug 2022 08:03:12 GMT
last-modified: Mon, 22 Aug 2022 08:01:35 GMT
server: UploadServer
x-timer: S1661733958.505382,VS0,VE1
etag: "5daed48139aa546201c3b5da1a9c4701"
vary: Accept-Encoding
x-goog-hash: crc32c=ufOXCg==, md5=Xa7UgTmqVGIBw7XaGpxHAQ==
x-goog-generation: 1661155295116045
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 27345
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 3, 1

GET
H2 200 hb.js Show response
cdn.unibots.in/headerbidding/common/ 51 KB
21 KB 52ms
7ms Script
application/javascript 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/headerbidding/common/hb.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE-863 /
Resource Hash: 5b03c373534630af1227f80129af67967bf2bf92c714b0f950a0afab0ab9aebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-fileserver: 311
cdn-storageserver: DE-168
cdn-cachedat: 08/25/2022 08:03:45
cdn-pullzone: 483488
server: BunnyCDN-DE-863
last-modified: Thu, 25 Aug 2022 08:01:47 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"63072c6b-caf2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: f95dda8cfe4b12898be53557762eaeb7
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 102 KB
40 KB 42ms
7ms Script
application/javascript 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-3.cdn77.com
Software: BunnyCDN-DE-752 /
Resource Hash: 3e199b8019a5af588b1c8697ddba67c9caf56cdcfaf27bb992ee0cba2f970dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: br
cdn-edgestorageid: 601
cdn-fileserver: 336
cdn-storageserver: DE-199
cdn-cachedat: 08/26/2022 14:12:46
cdn-pullzone: 873945
server: BunnyCDN-DE-752
last-modified: Fri, 26 Aug 2022 14:11:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6308d4aa-198e2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: c500d118cb7b910e883b64d880d16bea
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 54ms
15ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

0e89279483fb861861b57327cdda662db2b12537f759b1200006307c6f7f708d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28509
x-xss-protection: 0
server: sffe
etag: "1317 / 273 of 1000 / last-modified: 1661552013"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Aug 2022 00:45:57 GMT

GET
H2 200 jquery Show response
bongdaplus.vn/bundles/ 137 KB
58 KB 451ms
449ms Script
text/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 15ae807677dd96a011e165275f01da048de00640adfa0f134a97e2632917fdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 00:45:58 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 58929
expires: Tue, 29 Aug 2023 00:45:58 GMT

GET
H2 200 seag-fixture.js Show response
bongdaplus.vn/scripts/ 8 KB
1 KB 450ms
448ms Script
application/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/scripts/seag-fixture.js?new=637973559579045844
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7bb50942bdac8ffe07d9ea86743f871425484d5f67a31b108d4cf1f79e1fdfee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
etag: "80d05bcd386ed81:0"
last-modified: Mon, 23 May 2022 00:05:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 1082

GET
H2 200 seag.js Show response
bongdaplus.vn/scripts/ 10 KB
3 KB 448ms
446ms Script
application/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/scripts/seag.js?new=34fd23r
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1c777efde8537597a0ec5901c95f48843206990d489bcfa35bdefe2e2e49d50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
etag: "80a9f652b66d81:0"
last-modified: Thu, 12 May 2022 14:19:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 2602

GET
H2 200 chart.min.js Show response
bongdaplus.vn/scripts/ 56 KB
13 KB 449ms
447ms Script
application/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/scripts/chart.min.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b53c2627dfab90adf4c1390e721a4f4ff030ce216a10f064cf4fea4f17c1a95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
etag: "01eb3f86a2d61:0"
last-modified: Wed, 14 Oct 2020 08:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 12984

GET
H2 200 widget2chart.js Show response
bongdaplus.vn/scripts/ 2 KB
1 KB 450ms
448ms Script
application/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/scripts/widget2chart.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c37df288752e6f220cadbb1c1c9a14f987f62316a6987029df22e03e02c192f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:57 GMT
content-encoding: gzip
etag: "087bac1128d61:0"
last-modified: Tue, 12 May 2020 03:59:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 1055

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 40ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20374657-1&cid=1419012330.1661733957&jid=387823822&_u=YEBAAUAAAAAAAC~&z=1491730260

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 44ms
19ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20374657-1&cid=1419012330.1661733957&jid=387823822&_u=YEBAAUAAAAAAAC~&z=1491730260

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-tap-chi.png
bongdaplus.vn/img/ 11 KB
12 KB 224ms
224ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/logo-tap-chi.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 008a492f856df45e774e16d26f6a912594c09cad03768e2923463ed500e85955

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sat, 17 Oct 2020 03:36:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "372d95c036a4d61:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 11707

GET
DATA 200
OK truncated
/ 574 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f1d94bb70ffce78152b14fff0708c81d1c3e493f3b9dc0c93fd4e2076a2992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
bongdaplus.vn/HtmlFiles/fonts/ 13 KB
13 KB 224ms
224ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:12:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "bf1cb18998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 13192

GET
H2 200 7Au_p_0qiz-adYnjOCX2z24PMFk.woff2
bongdaplus.vn/HtmlFiles/fonts/ 11 KB
11 KB 224ms
224ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adYnjOCX2z24PMFk.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ecdc1a24a0a56f42da0ee128d4c2e35235ef86acfbf98aab933aeb9cc5813bed

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f1e85d1b998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 11596

GET
H2 200 7Au_p_0qiz-adZnkOCX2z24PMFk.woff2
bongdaplus.vn/HtmlFiles/fonts/ 11 KB
11 KB 224ms
224ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adZnkOCX2z24PMFk.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c9efd7fc7c05338def25dbdf68063a4efe9d34dd3bc854fae26cff90fbeef9e0

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7ccec11b998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 11484

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
bongdaplus.vn/HtmlFiles/fonts/ 13 KB
13 KB 225ms
225ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:12:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "c831d19998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 13660

GET
DATA 200
OK truncated
/ 386 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5350e40136d62c57afd4f1b060be9f53a79f9e7b45890edb22153936e65c31b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 680 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38bbcaec5cb774e2f991f236a69b7952424ae9dec3a6a788b1eda617683974a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7Au_p_0qiz-adbHhOCv2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 10 KB
10 KB 225ms
225ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adbHhOCv2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ec8f932a53abf5237047528c8d541ce7970c5f187e8e34a3980757240f7cd34

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9c70161b998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10624

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
bongdaplus.vn/HtmlFiles/fonts/ 11 KB
11 KB 225ms
225ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:12:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f9a74219998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 11528

GET
H2 200 7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
bongdaplus.vn/HtmlFiles/fonts/ 11 KB
11 KB 225ms
225ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:12:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "4515e018998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 11552

GET
H2 200 7Au_p_0qiz-adZnkOCv2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 10 KB
10 KB 227ms
226ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adZnkOCv2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb58471848f71c62b2d36d8c3c495acf62109dd480bc0a0bb013f078655cb9ff

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8091681c998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10620

GET
H2 200 7Auwp_0qiz-afTzGLQjUwkQ1OQ.woff2
bongdaplus.vn/HtmlFiles/fonts/ 10 KB
10 KB 226ms
226ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Auwp_0qiz-afTzGLQjUwkQ1OQ.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eadd8fd658f956e748d413915e11e7ec4d0b481f32be1b76483d61cb8a343316

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "647e8b1a998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10560

GET
H2 200 7Au_p_0qiz-ade3iOCv2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 10 KB
11 KB 226ms
225ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-ade3iOCv2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ed063a25eca9287d2f15a3b03460fe21d96da08d395832d368c8bfc61ef11f26

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8257b819998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10640

GET
H2 200 7Au_p_0qiz-adYnjOCv2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 10 KB
10 KB 224ms
223ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adYnjOCv2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6e469edd8bb85aa15616b181c9b0fffc73c3aebeb63a0f6119201a930f1748c4

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "267f31a998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10592

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFkWaDq8fMVxMw.woff2
bongdaplus.vn/HtmlFiles/fonts/ 23 KB
23 KB 225ms
225ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/ga6Iaw1J5X9T9RW6j9bNfFkWaDq8fMVxMw.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 351c1d6655444d1cea92df7ec6baebe01a0c03f2c3cb9be76e4ac7a7f61f9a6d

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "83c11f1c998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 23748

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfRmece9LOocoDg.woff2
bongdaplus.vn/HtmlFiles/fonts/ 24 KB
24 KB 411ms
411ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/ga6Law1J5X9T9RW6j9bNdOwzfRmece9LOocoDg.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3f7ec7d03c22fa7ad6aded46122d2ea4c81a4c11f13ac1990a1e40f0703aa147

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e91c4e1a998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 24420

GET
H2 200 7Au_p_0qiz-adbHhOCX2z24PMFk.woff2
bongdaplus.vn/HtmlFiles/fonts/ 11 KB
11 KB 397ms
397ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adbHhOCX2z24PMFk.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6600dc3d4a01ea1e1f10f82d3046b4995142fa6c8d5e8564b0c3674f02fd85b

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "2fc43c1b998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 11644

GET
H2 200 common.js Show response
bongdaplus.vn/adscripts/web/ 2 KB
951 B 323ms
322ms Script
application/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/adscripts/web/common.js?new=1661733958071
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b5a6af364cf3c48620c91908f0538b82cd6bd475f59bec5476e4b65e30780d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
etag: "944301b26fed71:0"
last-modified: Fri, 31 Dec 2021 09:09:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 854

GET
H2 200 news.js Show response
bongdaplus.vn/adscripts/web/ 19 KB
4 KB 323ms
323ms Script
application/javascript 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/adscripts/web/news.js?new=1661733958074
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af12c096e170df6f4065048948d920207f7a9810fcf07896f1744d8dac9e6885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
etag: "807372a552b8d81:0"
last-modified: Thu, 25 Aug 2022 07:16:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4057

GET
H3 200 pubads_impl_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 26ms
9ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132254
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Aug 2023 20:56:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
352 B 34ms
17ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bongdaplus.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e85305c861f4d07b53fddbab9bd7a23ccd27f205e2eb088a4d99e2aca5cdab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:45:58 GMT

GET
H2 200 lee-nguyen-1.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/28/56/ 29 KB
30 KB 422ms
419ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/28/56/lee-nguyen-1.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49558eb59906b76fdfdffe1a0fa6fce151a97c5557c2b123356cdd9f9e22e963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 04:09:00 GMT
server: Microsoft-IIS/10.0
age: 73713
x-powered-by: ASP.NET
etag: "b914c9e693bad81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 30124

GET
H2 200 BARCA_e.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/66/ 37 KB
37 KB 572ms
569ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/66/BARCA_e.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c43915049054d340f1c86af6977b96f8c79291c698bb33228a41a80649e0e653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 23:10:42 GMT
server: Microsoft-IIS/10.0
age: 5078
x-powered-by: ASP.NET
etag: "a6843b6533bbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 37733

GET
H2 200 Espanyol-vs-real-1-3.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/ 38 KB
38 KB 573ms
570ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/Espanyol-vs-real-1-3.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 09501fbc70b3df5c2f53290a57c61ab50e9517204048f9815ddb1bd1a0501484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 22:06:44 GMT
server: Microsoft-IIS/10.0
age: 4918
x-powered-by: ASP.NET
etag: "1837bc752abbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 38406

GET
H2 200 barcelona-vs-Valladolid-4-0_c.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/ 20 KB
20 KB 572ms
570ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/barcelona-vs-Valladolid-4-0_c.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd15182f08b6edd3c141ee2d23237e5103788415ca8267b5d8dc539fbd33d323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 21:43:37 GMT
server: Microsoft-IIS/10.0
age: 10807
x-powered-by: ASP.NET
etag: "9171b23a27bbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 20331

GET
H2 200 psg-vs-monaco-1-1_c.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/ 16 KB
16 KB 572ms
569ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/psg-vs-monaco-1-1_c.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 60de5b6c89b1798dd63733cef509ea36f0a21475ff8c7ed6d007eb5d7200ec42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 21:23:46 GMT
server: Microsoft-IIS/10.0
age: 11740
x-powered-by: ASP.NET
etag: "d19afb7424bbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 16484

GET
H2 200 Lewandowski-danh-got-ghi-ban_c.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/ 17 KB
17 KB 572ms
570ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/17/Lewandowski-danh-got-ghi-ban_c.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa76424920e150778194ca1b8ed906ee70bd35b17ac01aa25f2293249c108777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 21:52:12 GMT
server: Microsoft-IIS/10.0
age: 10210
x-powered-by: ASP.NET
etag: "73a2e46d28bbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 17378

GET
H2 200 viettel-vs-thanh-hoa-3-1_c.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/28/17/ 17 KB
18 KB 572ms
570ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/28/17/viettel-vs-thanh-hoa-3-1_c.jpg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e13e09fa3c8e7e9dc2c852a608e50cdf97e74a06d28557b0bff8cc5392612155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Sun, 28 Aug 2022 15:04:46 GMT
server: Microsoft-IIS/10.0
age: 33038
x-powered-by: ASP.NET
etag: "e3cadb82efbad81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 17783

GET
H2 200 7Au_p_0qiz-adZnkOCr2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 231ms
231ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adZnkOCr2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f72f79730eb9cbad4fbf513eb950c1b52aa4f7e7013566ee70f29f1696dfae9a

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d5639f1b998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3684

GET
H2 200 7Au_p_0qiz-ade3iOCr2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 230ms
230ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-ade3iOCr2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f627c263ea8004adc0ce483b25204b1b39437b0c437f8a820b62d1323707c67b

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:12:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e280f918998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3700

GET
H2 200 7Au_p_0qiz-adYnjOCr2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 230ms
230ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adYnjOCr2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e100b9ec450ea7453713cc233893a533529d0a76803f3b35d922da3cff301968

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "79e3851a998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3756

GET
H2 200 7Auwp_0qiz-afT3GLQjUwkQ1OQ.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 231ms
230ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Auwp_0qiz-afT3GLQjUwkQ1OQ.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 55bfb9ad47894ed6dfcbf8ca87cfe17eafcdc83263c92ed650c60c641e1cc6a4

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "177691a998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3644

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFgWaDq8fMVxMw.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 525ms
525ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/ga6Iaw1J5X9T9RW6j9bNfFgWaDq8fMVxMw.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 13c01c355d6b1471efbdcb9b2f0d4e855bf657bf66f0a30a881a2d93b105e75d

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:12:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3a255e19998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4108

GET
H2 200 7Au_p_0qiz-adbHhOCr2z24PMFk-0g.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 516ms
516ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/7Au_p_0qiz-adbHhOCr2z24PMFk-0g.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4928b122a9d092dc5d7c6ef44f4d66b1eff39a58ee33547dddbc1cb44400ffa

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "841a1a1b998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3672

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfRiece9LOocoDg.woff2
bongdaplus.vn/HtmlFiles/fonts/ 4 KB
4 KB 368ms
368ms Font
application/font-woff2 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://bongdaplus.vn/HtmlFiles/fonts/ga6Law1J5X9T9RW6j9bNdOwzfRiece9LOocoDg.woff2
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a32d926f7bb8fa275b1d9eda555b8e20534b38afe4e6918f6931b5934f8dd1eb

Request headers

Referer: https://bongdaplus.vn/Content/css?v=dC-8Ancf0UwUot16e8s4WfkqkYB7XuauNWi3kAxL8681
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
last-modified: Thu, 31 Oct 2019 03:13:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "586f21a998fd51:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4164

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 80ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29d05994ebf8816d5b84993a6001884d5902dc37478ded7dfc7a0ed46e31c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57913
x-xss-protection: 0
server: cafe
etag: 15336981053466894282
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 00:45:58 GMT

GET
H2 200 secureads.js Show response
increaserev.com/ads/taga/ 161 KB
13 KB 47ms
15ms Script
application/javascript 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://increaserev.com/ads/taga/secureads.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5052c040fca127da60adcfc024f12ebaebed1e580475d9477fa22effa488b84d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7052
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 10:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4M8ZQoacYUJE3W%2B4zBNd9Qmwxot%2B93o08X5JDoQcgpuwMkFabXCiG8wv7FlLyfEMCXW5IQkRngx10q569cGhjdF%2Bp3NaIwq9JUpn1QTqijAKU7hmTYdLnYlnIYtfphIu5Ty81USN9%2BqWZQr%2BZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 742144585b979295-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 mshowad.js Show response
ads.pubmatic.com/AdServer/js/ 13 KB
5 KB 388ms
7ms Script
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/mshowad.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f242962ab816cec971ddfa32f4108054205e7a60fc4216c511a7dc4885d9ca13

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

unused62: 8096267
date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 18:58:14 GMT
server: Apache
etag: "1300003-3418-5b232edf8808d"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172439
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 4882
expires: Wed, 31 Aug 2022 00:39:57 GMT

GET
H2 200 bongdaplus.vn.1339465.js Show response
jsc.mgid.com/b/o/ 2 KB
2 KB 48ms
16ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.js?234
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98eeae7da9f01d54069ef3d56197ce881d448c5694776e10727746f2246870c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 4571
cf-polished: origSize=2320
last-modified: Wed, 17 Aug 2022 06:38:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FA16P2MGPZJRBJ8X
x-amz-id-2: vxIUf0DBS11PhsVydbusVlzANjxiIzduGVSTrhUuDG1y/UPXAD6r5f14sUcYBbZ2E8Uq+Le3XEA=
cf-bgj: minify
server: cloudflare
etag: W/"992eb5f3af818c451b1d09e81a80da78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: 5PiW7dK6spyD7x58fdRNiCd8px8bY2OB
cf-ray: 742144587e0c9b2b-FRA
expires: Mon, 29 Aug 2022 03:45:58 GMT

GET
H/1.1 200
OK embed.js Show response
script.novanet.vn/ 42 KB
10 KB 3220ms
214ms Script
application/javascript 171.244.15.69
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://script.novanet.vn/embed.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

171.244.15.69 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2a3da78f51ae44047a04da9343f3c9585bd4f05e171247f2b13f778927e6938f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 07:34:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "803c2a6f79b0d81:0"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9423

GET
H2 200 bongdaplus_KIB_inpage_300x250.js Show response
pub.lavanetwork.net/sites/bongdaplus_KIB/ 1 KB
605 B 1104ms
281ms Script
application/javascript 123.30.139.122
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.lavanetwork.net/sites/bongdaplus_KIB/bongdaplus_KIB_inpage_300x250.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.139.122 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: a73f1e987c5c4ba6c6a44858165373f19de25e2a76279fa4074d951df8d152a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 21:40:50 GMT
server: nginx
etag: W/"626c5b62-442"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bongdaplus.vn_nativeinimage.js Show response
pub.lavamedia.vn/sites/bongdaplus.vn_Zmedia/ 954 B
613 B 1306ms
282ms Script
application/javascript 123.30.139.122
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.lavamedia.vn/sites/bongdaplus.vn_Zmedia/bongdaplus.vn_nativeinimage.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.139.122 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 440f0166e1519de9d0205385287c352e44d91198b2578bfd7138ce5146e1b1af

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
last-modified: Fri, 27 May 2022 02:14:00 GMT
server: nginx
etag: W/"629033e8-3ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader.js Show response
tenmax-static.cacafly.net/ssp/loader/prod/ 31 KB
13 KB 40ms
12ms Script
application/javascript 2606:4700:10::ac43:1755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/loader/prod/loader.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289e8bcac0574f4fc69e3c5d043055675e89bdf2e20197364cae75d63a3ab0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-azure-ref-originshield: 0HLvoYgAAAADnBlYnIQ1NRreZ1EbGpYYuQU1TMDRFREdFMTkyMgBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
content-md5: abVfaWJmJse3YSEPVSzVgg==
age: 3107
x-cache: TCP_MISS
x-azure-ref: 0HLvoYgAAAADUsT3rorhcQJO6hsQgPVOlQlJVMzBFREdFMDQwNwBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
x-ms-lease-status: unlocked
last-modified: Tue, 02 Aug 2022 05:45:55 GMT
server: cloudflare
etag: 0x8DA744A448D692E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fed77a1a-801e-0074-2333-a664b1000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 742144587f3e91f3-FRA

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 306 B
447 B 41ms
10ms XHR
text/plain 2606:4700::6810:7c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace?format=json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/taga/secureads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f931e18adcb0bf3d3762cb95dfe343bfc60d108abf06f1ca86c3889c9882184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 74214458ac61bbeb-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 getcookietime.php Show response
secureads.increaserev.com/InvalidAds/ 366 B
812 B 59ms
27ms XHR
text/html 2606:4700:20::ac43:4a72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureads.increaserev.com/InvalidAds/getcookietime.php?domain=bongdaplus.vn

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/taga/secureads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:4a72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ba0e62f56eda713cffebaef2120dba4f5d372c07b6e8fa276e269b336f4090

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 748658526 745152035
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FUGV6PnDHSBn2ln1asVb7E%2BUav5UBuvrja2ffNhD%2BVoR3rKjIJtOF%2B7C%2FlQr949yD6ZtIAGcjM1bBLePmhZ3H7%2BmbEL6qxlxOxpT6ITj7oFmJPxUQwxYYjppoI27SiSTmeHfnsv4B6LDpUKURmGiKGTdVjh45A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests;
cf-ray: 74214458beb09a03-FRA
x-cache-hits: 1

GET
H2 200 checkblock.php Show response
secureads.increaserev.com/InvalidAds/ 32 B
353 B 59ms
59ms XHR
text/html 2606:4700:20::ac43:4a72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureads.increaserev.com/InvalidAds/checkblock.php?ip=2a01:4a0:2b::8&domain=bongdaplus.vn

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/taga/secureads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:4a72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbd9c8838bf7334757a235906507a14287f9a2a676ca05b557d28939ef6c17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 739289052
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i%2BJaQKu5Myhvy9vAPTONt03bysGnQ7Cw3aaBOs0c8cthTzsWFklWL5zBrrv1O%2BA1kXVyYvRJcziQ3kLeET9GSyk3W9tOCxaaEhApuOEEfDXAH75afV%2B9eOS9nXFJxxBcoA9mPpgEicCiFN8oaNj54dUqWmJqoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests;
cf-ray: 74214458cebd9a03-FRA

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 4047 10 KB
5 KB 8ms
7ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 19:35:31 GMT
etag: 8616628553774171045
expires: Sun, 11 Sep 2022 19:35:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bongdaplus.json Show response
cdn.unibots.in/headerbidding/ 21 KB
3 KB 23ms
8ms Fetch
application/json 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/headerbidding/bongdaplus.json
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE-863 /
Resource Hash: c73804db3104d48cd1b2ff8cdab51e3069f74bd8906915de56b36132850943ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:58 GMT
content-encoding: gzip
cdn-edgestorageid: 632
cdn-fileserver: 258
cdn-storageserver: DE-168
cdn-cachedat: 08/25/2022 08:07:48
cdn-pullzone: 483488
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE-863
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 08:06:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
vary: Accept-Encoding
content-type: application/json
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid: c84dbde00c62885fbf8ae35486574c97
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 779ms
142ms Fetch
application/json 45.79.126.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=Bongdaplus&page=bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.126.27 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 45-79-126-27.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Aug 2022 00:45:59 GMT
X-Powered-By: Express
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Length: 45
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ 2 KB
1 KB 461ms
66ms Script
application/json 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?operId=201&rs=2&pubId=161363&siteId=965675&adId=4509732&kadwidth=970&kadheight=250&sec=1&rid=254008038&pageURL=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&ranreq=0.39771948631528087&inIframe=0&screenResolution=1600x1200&adVisibility=2&adPosition=5026.59375x0&timezone=0&kltstamp=2022-8-29%200%3A45%3A58&ms=1&js=1&pmUniAdId=1&kadpageurl=https%3A%2F%2Fbongdaplus.vn%2F&schain=1.0%2C1!pubmatic.com%2C161363%2C1%2C%2C%2C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/mshowad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 18f1aced49f996cd2d6abe2e47aa4b928ac2885eba1658f6b44041b27af1287a

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/json; charset=utf-8

GET
H2 200 ad-exchange.js Show response
gamma.cachefly.net/js/ 8 KB
3 KB 17ms
17ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/mshowad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 44bcd125e1b0a68234a78029da1dd530aaef5313dfff43a5f1d67f473e4ebee0

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 604800.000
x-cf1: 16114:fB.cdg1:co:1654570307:cacheB.cdg1-01:H
gamma-cdn: srv_178
x-cf-reqid: 1e3f36cbcccf1729827034d65e685f24
content-length: 2681
x-cf-tsc: 1654570332
x-cf2: H
last-modified: Tue, 07 Jun 2022 02:50:30 GMT
server: CFS 0215
x-cff: B
etag: W/"629ebcf6-2140"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf4age: 21
accept-ranges: bytes
expires: Tue, 30 Aug 2022 00:45:59 GMT

GET
H2 200 AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ 0
61 B 409ms
16ms Script
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161363&siteId=965675&adId=4509732&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=0&kltstamp=1661733959&indirectAdId=2720318&adServerOptimizerId=1&ranreq=0.39771948631528087&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=3&svr=ADS23004&adsver=_3013135110&adsabzcid=0&cls=ADS&ekefact=RwwMY61GBAD7y52PUhALQimgCgMasJ3ilUiohF7PoScLcHXF&ekaxefact=RwwMY79GBAAGl2c6WULU9MaaCRQBIaRP7oKUwgqtFX5RpGyp&ekpbmtpfact=RwwMY85GBABR3-AM7SMpPUOZMIzm8wCPPXZMmF-2gPuc2yw6&pfi=1&domId=8447038278070297979&dc=lhr19&crID=0&campaignId=0&isRTB=0&cksum=FE00999AFF59BB4&ver=4&dateHr=2022082900&imprId=79B38E25-1CE6-4DBE-A272-96BFB0C74F76&oid=79B38E25-1CE6-4DBE-A272-96BFB0C74F76&cntryId=58&domain=bongdaplus.vn&sec=1&pmc=0&pAuSt=2&wops=0&sURL=bongdaplus.vn&BrID=5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/mshowad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK / Show response
tag.gammaplatform.com/adx/request/ 2 KB
2 KB 764ms
245ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/

Requested by

Host: gamma.cachefly.net
URL: https://gamma.cachefly.net/js/ad-exchange.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-154-87.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

d28a3f7833fdc781f6d80b1354bb20bcf1aa50355525cc092fe0e10e00aff7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 0.1(DD).1(B).1(W).1(CB).1
x-server: AdEx-App121
strict-transport-security: max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
transfer-encoding: chunked

GET
H2 200 bongdaplus.css
cdn.unibots.in/headerbidding/css/ 3 KB
2 KB 7ms
7ms Stylesheet
text/css 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/headerbidding/css/bongdaplus.css
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE-863 /
Resource Hash: e40c74232db01d5bf33bab74b26cc3c3bc02c04a70cb539e62bda8391a306a51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-fileserver: 287
cdn-storageserver: DE-197
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 08/25/2022 08:07:49
cdn-pullzone: 483488
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE-863
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 08:06:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"63072da0-b2b"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 475a116262c1ac2e5c822e26c052c9ad
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bongdaplus.js Show response
cdn.unibots.in/headerbidding/js/ 8 KB
3 KB 13ms
13ms Script
application/javascript 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/headerbidding/js/bongdaplus.js
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE-863 /
Resource Hash: 21d061724eea7ba70207488a7904f094724449cced745b73deacfe2c23b841c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-fileserver: 298
cdn-storageserver: DE-168
cdn-cachedat: 08/25/2022 20:30:15
cdn-pullzone: 483488
server: BunnyCDN-DE-863
last-modified: Thu, 25 Aug 2022 08:06:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"63072da0-206e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: fd0e8f2a53b79d03bfe751db07d1bbbf
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 31ms
16ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28646
x-xss-protection: 0
server: sffe
etag: "1317 / 314 of 1000 / last-modified: 1661551853"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Aug 2022 00:45:59 GMT

GET
H2 200 adScript.js Show response
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 349 KB
101 KB 49ms
22ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981921c1fc5f74a7486afe18f42a342c0caf6b4de02476647a4ebc9be8a81e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 920
x-jsd-version: 2.3.42
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA, cache-itm18834-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"57493-+6p+9xnfZAtCI/IzcgjIsVHUDZI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulZaZNf%2B01p2vjSCT0cNjG8vtjO%2B7mBBpE8Mrp7kFfzbomWlcmDr29YCvCECSyol2FWEeRSZMBlrWdzkz1nF5Nu%2F7XcbjT4RMF3qHWUrAolprqubB7FUEBD3go1H7G0UYxT4b5en%2BguWagvQipw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7421445e9ebe9b4b-FRA
access-control-expose-headers: *

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 39 B
194 B 58ms
12ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=status,message,countryCode&key=LWKtz4EzQwMJRyQ
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 6c6489a7d04f10c1a0342b15616350774cb7fbe16e98341d13bde9ff539b7c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Aug 2022 00:45:59 GMT
Content-Length: 39
Content-Type: application/json; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 39ms
23ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P2DCN3SNWK

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d3935f754364c1fecb1bf02736ae62d2bec6ff5f16134d9c164e7e9ac829a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72848
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:45:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 42ms
27ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P2DCN3SNWK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20374657-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b90a610d7d016e93aa26ae47494e12495cb06fc887c2f1208c7d2bdd28a567d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72881
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:45:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 56ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P2DCN3SNWK&gtm=2oe8o0&_p=1119592781&cid=1419012330.1661733957&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661733959&sct=1&seg=0&dl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&dt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P2DCN3SNWK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:45:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 438.json Show response
id5-sync.com/g/v2/ 216 B
623 B 38ms
8ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/438.json

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

aace4c9b060146b9f61eed19bb66274f80496c05abd2bb05b838c75e0ed6e9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bongdaplus.vn
date: Mon, 29 Aug 2022 00:45:58 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 399ms
91ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A29D8A84EBB4B96F9D6E63644E367E&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=300&h=250
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 401ms
93ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-2736B878DBD63D92C82678A3D363B72A&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=300&h=250
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 400ms
91ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A297DADBDA829A2F49E88B3AAAB6E62&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=300&h=600
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 405ms
97ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-AA7B29A9364D679808346728AE47B4DB&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=300&h=600
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 399ms
92ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-2736B878D24E7BAB0936948368E83B8&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=300&h=600
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 400ms
92ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-2736B878DE329DE7FD3B82D74D9A222&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=120&h=600
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
175 B 670ms
91ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B46E7E8B6E828BC6B79737DD93783&tdid=&schain=1.0%2C1!unibots.in%2C117%2C1%2C%2C%2C&eids=&id5id_uid=0&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&host=bongdaplus.vn&xr=0&w=120&h=600
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://bongdaplus.vn
Date: Mon, 29 Aug 2022 00:45:59 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 102ms
44ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bongdaplus.vn
date: Mon, 29 Aug 2022 00:45:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arf-ka3ek337.min.js Show response
media1.admicro.vn/cms/ 5 KB
2 KB 313ms
311ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-ka3ek337.min.js
Requested by: Host: tag.gammaplatform.com
URL: https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 73c69e61faf618b084ee16f0f85c9f67c916b26f38957a37b3769df366f26008

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 00:32:05 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 151ms
51ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
Requested by: Host: tag.gammaplatform.com
URL: https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://x.bidswitch.net/sync?ssp=ambient
https://x.bidswitch.net/ul_cb/sync?ssp=ambient
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dambient%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dambient%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=642d30f7-1fcb-52f1-8a46-e862e94ae42a&ssp=ambient&expires=30&user_group=1&gdpr=&gdpr_consent=
https://cm.gammaplatform.com/adx/recv?pid=7&uid=ae01ed06-a198-4672-80df-01a8109778cc

43 B
285 B

760ms
242ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=7&uid=ae01ed06-a198-4672-80df-01a8109778cc

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

HTTP/1.1

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

lws: 90
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

Location: //cm.gammaplatform.com/adx/recv?pid=7&uid=ae01ed06-a198-4672-80df-01a8109778cc
Date: Mon, 29 Aug 2022 00:46:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=gaj
https://cm.gammaplatform.com/adx/recv?pid=31&uid=wuoznpkz565

43 B
285 B

638ms
242ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=31&uid=wuoznpkz565

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

HTTP/1.1

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

lws: 35
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

lws: 127.0.0.1
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 1
date: Mon, 29 Aug 2022 00:46:00 GMT
location: https://cm.gammaplatform.com/adx/recv?pid=31&uid=wuoznpkz565
cache-control: no-store
accept-encoding: utf-8
content-length: 0

GET
H2

200

tpid=8n7tp79ixfrj
bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=8n7tp79ixfrj
https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=8n7tp79ixfrj

49 B
279 B

48ms
47ms

Image
image/gif

52.30.246.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=8n7tp79ixfrj
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Server: 52.30.246.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.24.158
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=8n7tp79ixfrj
cache-control: no-cache
x-server: 10.45.19.43
content-length: 0
expires: 0

GET
H2 200 pe=y
ad.crwdcntrl.net/5/c=13633/ 0
0 104ms
29ms Image
application/json 34.251.71.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D
Requested by: Host: tag.gammaplatform.com
URL: https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.71.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-71-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 47ms
16ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1488783944&s=bongdaplus.vn&x=gammassp&nci=&adtg=1488784986&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1488783994&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: tag.gammaplatform.com
URL: https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:48 GMT
server: cloudflare
age: 3001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 74214462cb695c9e-FRA
content-length: 1168
expires: Mon, 29 Aug 2022 02:46:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 69ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bongdaplus.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bongdaplus.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 127 KB
37 KB 332ms
332ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1105031247096242&correlator=7805161342853&eid=31068457%2C31069174%2C44761478%2C21065724%2C31064018&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fifs&iu_parts=22684551543%2Cbongdaplus.vn_pc_R1_300x250%2Cbongdaplus.vn_pc_R2_300x250%2Cbongdaplus.vn_pc_R3_300x600%2Cbongdaplus.vn_pc_R4_300x600%2Cbongdaplus.vn_pc_R5_300x600%2Cbongdaplus.vn_pc_fl_120x600%2Cbongdaplus.vn_pc_fr_120x600%2Cbongdaplus_skyscraper_160x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%7C300x250%2C300x250%7C300x600%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C120x600%2C120x600%2C160x600&ifi=1&adks=3551364529%2C3569235479%2C594771041%2C4192230001%2C3644728281%2C3219569482%2C3565502267%2C3584610493&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1661733960348&lmt=1661733960&dlt=1661733957241&idt=908&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C1010%2C0%2C1480%2C300&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C1976%2C120%2C120%2C1778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C1%7C0%7C0%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&frm=20&vis=1&psz=300x0%7C300x0%7C300x0%7C300x0%7C300x600%7C1600x4404%7C1600x4404%7C180x88&msz=300x250%7C300x250%7C300x0%7C300x600%7C300x600%7C120x-1%7C120x-1%7C160x0&fws=132%2C132%2C132%2C132%2C4%2C516%2C516%2C4&ohw=300%2C300%2C300%2C300%2C300%2C1600%2C1600%2C1600&ga_vid=1419012330.1661733957&ga_sid=1661733960&ga_hid=1119592781&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7caed03b9ff5f829ff920fccb6142aa4a45944e2bc7b16051060cfce1f36a45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37532
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D71 6 KB
4 KB 115ms
15ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2FF4 15 KB
6 KB 8ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103534
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 30 Aug 2022 05:31:34 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3 200 bongdaplus.vn.1339465.es6.js Show response
jsc.mgid.com/b/o/ 265 KB
76 KB 38ms
26ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.js?234
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfbf85349e010714e5e86b712ac7dcae4d17f48e9cbff4157d6a995e74a5ac49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 4573
cf-polished: origSize=271313
last-modified: Wed, 24 Aug 2022 10:28:56 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AAH8GQEHBWAKC0AT
x-amz-id-2: VFVDhDR59+WmklQod1YT3Y9h+q0RntSMe3iJDLRbKbcWVHFMKpEhKVMzwdF4ZstNEveEkGnPlUc=
cf-bgj: minify
server: cloudflare
etag: W/"cf9677b75056fb00ea739b1eebaff1dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: XWG21wF7BSvwi_GefAOGU0UlJDTlgLdi
cf-ray: 74214464ae2568eb-FRA
expires: Mon, 29 Aug 2022 03:46:00 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 31 KB
24 KB 13ms
12ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1661733960408&ver1=2.2.3&qid=83432313f553532313f5435393&rnd=vsdutm7ei9ni&cid=954
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1488783944&s=bongdaplus.vn&x=gammassp&nci=&adtg=1488784986&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1488783994&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:48 GMT
server: cloudflare
age: 2225
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 742144649cc35c9e-FRA
content-length: 24217
expires: Mon, 29 Aug 2022 02:46:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2FF4 0
42 B 97ms
14ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45547243&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:59 GMT
content-length: 0

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
304 B 53ms
18ms Image
image/gif 2606:4700::6810:75c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1661733960456109&ver=1.2r81&qid=83432313f553532313f5435393&p=1488783944&s=bongdaplus.vn&x=gammassp&cid=954&od1=&od2=&adtg=1488784986&nci=&nai=&si=&ai=1488783994&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=vsdutm7ei9ni&impid=&idl=&ttduid=&id5=&emh=&tps=56&ver1=2.2.3&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=a52bd1e3445b36ca85f82c2ad2bc6d52&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x1200&atf=&dbgcid=954&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=97&icp=https%253A//bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-10-s-fl-13-x-fl-8-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-10-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-10-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=34
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:75c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:39 GMT
server: cloudflare
age: 1846
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 742144654cd49a18-FRA
content-length: 26
expires: Mon, 29 Aug 2022 02:46:00 GMT

GET
BLOB 200
OK cca882eb-8f24-4d82-8a64-dfcd97052494
https://bongdaplus.vn/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bongdaplus.vn/cca882eb-8f24-4d82-8a64-dfcd97052494
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 44fa0e90-d4ed-47de-8c95-0aa458882364
https://bongdaplus.vn/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bongdaplus.vn/44fa0e90-d4ed-47de-8c95-0aa458882364
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2 200 admcorearf.js Show response
media1.admicro.vn/core/ 231 KB
64 KB 311ms
311ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcorearf.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: aa2cb5be32f08b6785703cde0c424fc80377a73d0c5518a5ac618adacc6c41e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 04:55:53 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
518 B 1258ms
289ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&zid=ka3ek337&pgid=1661733959664277231&uid=1661733959664277231
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
36 B 121ms
108ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1661733960545740582814&uniqId=14c99&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&lu=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&sessionId=630c0c49-027eb&pageView=1&pvid=182e70ffb61a7aff548&site=627750&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74214465891a9b2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
BLOB 206
Partial Content 1a01d8fc-a89e-44d8-a8ec-53e54e978979
https://bongdaplus.vn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bongdaplus.vn/1a01d8fc-a89e-44d8-a8ec-53e54e978979
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 28ms
14ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 3028
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74214465993b9b2b-FRA
expires: Tue, 30 Aug 2022 00:46:00 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 30ms
17ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 1408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 74214465993d9b2b-FRA
expires: Tue, 30 Aug 2022 00:46:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1339465/ 4 KB
2 KB 39ms
25ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1339465/1?pv=5&cbuster=166173396061141143086&uniqId=14c99&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=0&h=1001&maxw_3=90&maxh_3=200&cols=1&ref=&cxurl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&lu=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&sessionId=630c0c49-027eb&pageView=1&pvid=182e70ffb61a7aff548&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29149c7b0f754d9475a99bf20c9fb483a3decfec2ca36b7793bdb627cc11700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 74214465e97b9b2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwO...
s-img.mgid.com/g/11739845/492x277/-/ 19 KB
19 KB 48ms
14ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739845/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwOWZhYTcwZGQzODQxZTliMTQucG5n.webp?v=1661733960-y_aNZCFy1lDKBe8K3vd-DCzBToYHM9BvaZoKA2uoqAM
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4

Request headers

Referer: https://bongdaplus.vn/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 8e98166d-6f6d-4e24-b6ac-c29276319252
age: 9562741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7421446658d16973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19212
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzA1LHlfMjQ2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2L...
s-img.mgid.com/g/13405205/492x277/-/ 13 KB
14 KB 49ms
15ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13405205/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzA1LHlfMjQ2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC8xYmE4YWQ3YmFhNWM3NzY4M2VmMDRjOWEyNjljNWU2Yy5qcGc.webp?v=1661733960-ON4dsR90fEBB345UWrdGZI5_B_UQAhx7cdwvKdY5XXo
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c668ea42e25726dc5dc1244101d01455e26ac3c7b2da2b7ae9415ea48e4aac

Request headers

Referer: https://bongdaplus.vn/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Jul 2022 07:50:55 GMT
x-mg-request-uuid: dfc0b5c5-ff9a-4c91-9f90-f3f70174b4b0
age: 5071733
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7421446658d26973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13540
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMzAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2L...
s-img.mgid.com/g/13405202/492x277/-/ 7 KB
7 KB 48ms
14ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13405202/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMzAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC84Mjk3NDA2NDFiZGQ1NjNlNWM1ZWM3ODA2NjM2NDM0NC5qcGc.webp?v=1661733960-pTO89yf9ai_OapOoZj0rTQDYyBT9OlS7ZbOxlRsvf04
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044e94ddabc59a5834b4765c291ac1ec385e76c0d2b7da1c856b945a357ae179

Request headers

Referer: https://bongdaplus.vn/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Jul 2022 07:51:45 GMT
x-mg-request-uuid: 233523a7-86f2-4cd4-9593-88c6b3a1655c
age: 5072054
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7421446658d36973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7296
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvMDIzOTI4MmQ5ZTY4NzlhY...
s-img.mgid.com/g/12581123/492x277/-/ 27 KB
27 KB 49ms
16ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581123/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvMDIzOTI4MmQ5ZTY4NzlhYjU5Y2ExNWEwZGNhOGRhNjEuanBn.webp?v=1661733960-dWR46cZ2Egs2awxPPd6ZXs1ilkJh5WB0Ibcp2Lm-bh8
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469988d3c8c01780d601f947a6071de43a286f88cb325bcca9f510e9493ba4bd

Request headers

Referer: https://bongdaplus.vn/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:36:16 GMT
x-mg-request-uuid: b50c8f6f-a30a-4d11-9d21-9d41edb34f62
age: 9562748
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7421446658d56973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27162
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
102 B 118ms
110ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1661733960670444999514
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7421446649d89b2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame F3B8 0
38 B 114ms
111ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=166173396067546113891
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7421446649db9b2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 209 KB
67 KB 9ms
8ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8c9bbe742162fa5293b477b57ff3dee85206b67553d0a448a672ca207edf3760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 07:25:33 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=82098
accept-ranges: bytes
content-type: application/javascript
content-length: 67841
expires: Mon, 29 Aug 2022 23:34:18 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 43 KB
13 KB 52ms
16ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bongdaplus.vn.1339465.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 427
x-amz-server-side-encryption: AES256
x-amz-request-id: 40E08SH297EM3S1K
x-amz-id-2: TPWBtstVHz39cgFbQHQ8rjBbDJzz/TPtrVqkthtW/KnY9ag/z7YMJ+kGk067sEFWjYNYWmkeaGB1xEjAo+TmRg==
last-modified: Tue, 23 Aug 2022 08:57:12 GMT
server: cloudflare
etag: W/"bc3c521f89b11aa48366adef8a4f24e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 742144667e9a9073-FRA

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9868 6 KB
3 KB 33ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A6A 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 312F 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB3E 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C7C 6 KB
3 KB 10ms
10ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D652 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB4C 6 KB
3 KB 13ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 387C 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Tue, 29 Aug 2023 00:46:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 94ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbongdaplus.vn%2F&domain=bongdaplus.vn&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bongdaplus.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1142
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbongdaplus.vn%2F&domain=bongdaplus.vn&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=xJc8fXx0M2UyTVJJVnZ3c1l0T1pPcm4za0NJL1JWTFpZQXk4ckM3bzlacTFiN1ZPSEZ0YTlpbG9CQ1o1WC9VSGlqTHJ2dVZVQXV1amdTNGRSdFJOaHNIVlMyODVnSzRydkxLeG96VDVEVHVrd3NZMHZzL09Eb0hXSnhtbU...

344 B
612 B

50ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xJc8fXx0M2UyTVJJVnZ3c1l0T1pPcm4za0NJL1JWTFpZQXk4ckM3bzlacTFiN1ZPSEZ0YTlpbG9CQ1o1WC9VSGlqTHJ2dVZVQXV1amdTNGRSdFJOaHNIVlMyODVnSzRydkxLeG96VDVEVHVrd3NZMHZzL09Eb0hXSnhtbUJiY3prN1ZFMnBXa0I2bitJaG15Y0hRTlFEMGtmNXlKU2xJbkNJVkk4bHBSUlllR1JCMFVGQXZHVytodkxHd3NxcmxuckNBdC9tUXZBK2NrL0R6U2dOdFpIVUpEcmxGRFI1Rkw5RGVXYm5peDNUdFRnZzVFPXw&cppv=2

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

34c2783955889deac2aa7c2924c1e0f4acc3e1e7fa7756bdcb2fb71a145fd9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3318
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
location: https://mug.criteo.com/sid?cpp=xJc8fXx0M2UyTVJJVnZ3c1l0T1pPcm4za0NJL1JWTFpZQXk4ckM3bzlacTFiN1ZPSEZ0YTlpbG9CQ1o1WC9VSGlqTHJ2dVZVQXV1amdTNGRSdFJOaHNIVlMyODVnSzRydkxLeG96VDVEVHVrd3NZMHZzL09Eb0hXSnhtbUJiY3prN1ZFMnBXa0I2bitJaG15Y0hRTlFEMGtmNXlKU2xJbkNJVkk4bHBSUlllR1JCMFVGQXZHVytodkxHd3NxcmxuckNBdC9tUXZBK2NrL0R6U2dOdFpIVUpEcmxGRFI1Rkw5RGVXYm5peDNUdFRnZzVFPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1688
content-length: 482
expires: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C47 624 B
300 B 19ms
18ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUHoWjr9RTX--kViCq93ut7ha-nk6Ki98SCo_5ND4QZInMM1tZtbnNwTtcADRqNHPBCidtrprmDaJ0VhVlQU9_-6G7PQuRg8eyqnF7JyS3YGXfNUnsyQXFS32PKSlL2gpD9d1bdK9izMYusU2rtjxNSBus3fVoZaSWXmLdE605bxMK6ip4

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9868 27 KB
17 KB 53ms
52ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-FbCeICz5b3j4XrWUH1y3dtBkJHpgi4GzaftQhBbmShGs3I44JBoGYnMaHIBoB0RjtOBMrB4cIF_gs5888rFBjsUHJpto3FlTmKXUroMMZ6daYmOtVrZk3KwVyCZ73LdzlUpr-SHuD-L_E_W3kPbTF7K68A&cry=1&dbm_d=AKAmf-BJc0FYaGNlCbWM13au6SxBIfTwp1fOQl8Yut9-D3lPQ62t6XY8eQwWOA-RjGmK460-jP3aNNWpUcdeXgxt5WZWC7JBt1Gf3YXJBMmGP_zzBcu2DxNO2zJ6r9ScGvHkVfq2oxIcYM-gQvTBFFdupXzBDj_XRKxkHbDgwbCVuBxC5yFEb0tZkObHxp26HV3glj4sMuOYJpPhYlEfgN_MFgCYL8aCqnTBxE3_FLIyio8rWsrRgoMN0S54baKMkLXPoLQl_qD1hBk0cMocaMvvTAKJVtSvpZUNIhpCDLvjybWnkND-sW50eWLnNJI1H34A3CBXlI5t8ZAjWH65-ErgthrwZJ__V3qmwfc3QZC9Qkh8IfVDKGkqKFSGt3TEsXAQwPfSjx6U37FWiXTyyLyJuv0qf8Flg5JWvq5eBFX973_Oz61e1tCi66ouNYQAO_aqXBifFfqGPz3bRVxMJ0lFQvab_CnTFuK-9UL1bYhHJS1wnivZ6t642jpcfXerDMGq3f9mLIrQnNApZM8eGzkXKQaAkfmcCFqDNVrAAAf7uwtD5hmv2LbJJHLla9QSDjBT7gG81tQihSgl7pIPUBtXVBWo8TPVwTa3A9IR2CX3LkFl0RayoWHoXXO9edChFEJnMkuO3gsKZUmAJgXQRG1OyS-i3jud23L3F4gl-W4YK4xUscP7aoCilwrcEa2xVzcQ53WsVBjLc3gNBfP2-4O8hAvw3u5_KFrVLVVCsj1BozdMCn9CJpOiFxgdNzzaVCdlImP29fgWWgtIJA9WpGQdLUOOOyilRqTvCmTk9ejkjECKRU9kE-UINT_JJsoHT6d3fNrgd0hvV_dfl4LiNGhFk9mriYti-L4CdWmitjsGv37d7guOlTM01vfjPuXDdqxWKOcUjnx3RBiCKYYp4S2ukwPk7R5s7CXMmdby-ZVJQvf8Anrk__mf9PO1597pTt26qrr3IH47-w4jQqrXMMFGRYM-sLEJEP00OUtj8s4AEg1fOmGGlYSaWD5h_OfiIf9L6ATyjq5YngUI_CSXbwpFltQ43ODesDs5_E8R6Xn9wHxY7NzRNHU2UOHmRe9cES47novjdNRQF1ilMx1llTHzTfJ5aYeV03F8-E5WtUNyWqfVU-lm6VpETijI-Kxdqd-Ncy0312fE0nYVZ-uWCJrXkoYrRry5B3U5K2AZYVJqmp42YhkvSIVvc4hyRYFC8TrazotrGZgegvA6xxGrnBACOnf8kw2Q3dtQqTcq-nLUjRa2fPMtIiX1eJGAFq6RMWI8tJJKWogE9faUVeNDLmRlKe5fsDhfxuKSDoJ0XgNr6S7KKTt9lNay35IhJ9KqorUxVLPlxyWPkATdrX6klxkNVME-NK0Oh7t-h02M2FaCVYCrbg8WOJEoF5hTgAfMK5HtvFokcPwfr3NXo5oHCvpzpRBlJjPoneIqi2v-_nKC1Z8VZBpW4EVoc5F37ZZD3hVVg9p5_Ll4BjSW4gs7hthL38NPRFwk9DMqypDW4Ijt0Kxs8JQ9eqxicByylGs72cD-MHIM3InQYPu0a8zyed6OLWmfKLsKoiBts5K5FVIwJbFawLyWmUYrqsFqHXDyaoWzYCq2wv3EXaDhHPSZTjlrumi3FvkhSegEdJSfsybgvbBRk6vXdBi0OENJU_bXgpVhznKkH4bGHqRQI7MfMFjR6pg8dGHxYqDfu-buIRwrALNq0KSDhnxaug5TBRQ6MCNoGsA68cuDaboEfdZQzpKQ3NVWQYjZeo4bGa4wMRbUo1rZH0O-lOG1zWGzT9_gpI4oHeGZGxAaDaPLqv8iAnOSXpq28l9b84S3ZsQLbFY_-rRNPxTSoVGYq__X7Di7UDzvtkhvAJ4i8BSLda5QaYzhQNpbFxSEAWDI_DeWsVhvyS-36DAyXIdlvFcKAe1kuuu1CZnj5-mKa8EGjFneAIziDoqdV2WJgauFno23M-AJ4z9cTUyvAUqNjuhymPAhL7M9LUe67j2j39ftDzqlYCNuhTl4aGniW7ac7tGC4Tq9zikR1haHXXvSz8yUqjwfQF1L8uGo-gZgQxxIXjAAHkpmam2QsSM3sdbNQ7ZOfBDLPU5lAMywMjvsYHXF7E4HAH7VHe7TbEDzpff42RON88eoB7Xvs23JCmrQ7dxu5ooil00whmtxdg1VS_gaFTKHrsPPH-ng4qLosLJ8jjSOQANQaUyMYnyTApZmBIIXubUnHGJKBTVbZm3YXDL-TaQ39-AghmVBJ57NgAxssL_m2HqCuHBuriWoxaqOY_ht0_ftWbkcpHpgZ0im41mDhbjDok-lnJ7IPtoIh69IKcqvJnrLMCpNMiTBcjJgJDFRTqEx9VjYm0M8mQSIudnRFl2c86ugI4C_lCWObgDKE3zLmYFeMKwEZ8Z2j0oi-OQqVNMTqNmZTsRBIg9KZALAjGceCrkhJ7fhMDlwVhy35do1jEqPto86RghAKPzxhbCsgwAVx-dayK0v7mYBgGOjRyVaZw37kPFp1LmZDCGjmK-jBrJt79-3OFEWZkn9sIA_ujH-jkMf5S_pSorCd_aYNMmvuOU76Wj6a3oYNZOTsoK5T67HAQ-LMGuma-SwEuvtSu1xdQm17Elg3feIHe8_AJXewg76Oi2_EGqrB7o1O06govTp-il9IxtNf8yGCEjGbWj9_ex6iqxKyXII8Flcx3cJedvGW4P0RaNhJjfXXt1ADvtRxrXsxo23PC0xQ6Sr9FFX8E3z6rnc9aH99_VhFLXj6JAFRpcSCMyVoZEslF19Ggn9c13biVKmX9BiKabu4HoKmLD2da7X_0lDB43miteYzg7RbAvn2T6EWC4q1wod3QIeHjzpX13XVMjEYHtDX__wboUpFEmVhjwa8xbE0ipdMD19ZLa34YkulsuE94mBI0CqqJRlzFx5c1ZbffIly66Z0Rq9163WAnENA5dKrZ5b23EGY9FmKdPAusA_hkkA_k8WWpbk_wot0ncOEbRF-38lM1V7JPfBI01xMdMF5Vj9eyNQekh3W9rRsqzu6sKHU8ilm5D01LnqXl1cC8y9zaTOQJlCG4h6jgsE6pTAAHCZ3hbEPfjntuq-Vt6000mnfzJCEAcMzWLYv154YuYRACHIuD2U9uCuxPqQx_VUPncBhh-s7s5fntjHHG87Deeqa0eGwR_Se-ZTc3wQ9jUzpGcv1A-dHY0BlHZoBFCmuGoc33-KPSrtCV4o0Kv0eNuAxpiU6u29IAS98vTZcq4CcII-xQlmMXelgOdNjXloLAJrpHFpO5JdQuAIjaGkwhWglGjhunDyPCcjekr17FBOP5zgnbEn-r4-X_Kw7WlRg83O8WPBypsFZ8mV88u7ANQ6GFRqkC6KDb5urlXJo8Nj70gWYPzUZEbGf4ObaOhwPgDUGxhfZtRhQ1lmi0TQQBlZmbyuMHwKBZuqwO1CYtc25TpLrB4lC-PztRs&cid=CAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c088d0bed5d4045ee54d91d4895f923caf85ada29048d8c458c35a6f1fa5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16993
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9868 42 B
63 B 84ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYtCBdHequUsXOeDQSxPEy2ZNKP-BSF6RuMehXNIrF_SOnqOk1dbX9p_TOCAMCGA_7kIj7fBC-Av9hFfEaF-NyKgQyjmXWK-1lFmRmq7_y-FNiw6E

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9868 3 KB
1 KB 80ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9868 140 KB
43 KB 19ms
19ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9868 17 KB
8 KB 53ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0919 624 B
300 B 26ms
25ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNXI5vf6I873N3WrWtVVxVKzT-1AdZzJEEnAUzL_ufkdNVqIteYX48QKWKA8t_8AJgTYtk8sMjRicCY3zIIlbS7a_Sll2FSkEAlpSkMfR4X-rjEgw632BWUfKgNvUXal92oXd1fhbeiE9C_8S0JkOQSLHFFoi1u2gi2MF1zqFoVdLV-48Nk

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A6A 27 KB
16 KB 56ms
54ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq_6SBLwl_yeoHkW_TkneEY8BEQmQwAsttacwZ_82htBxzRGcIaQ96JUO4A8HDRym_AR6dGRBNCgnPTcXQWKGU7CwPXGfDLA1Pf120S1g2ClUxvaVpMn8FIKex9tCSoO1bbTKwG1R6JdAve0Ro8Wq1UCofrw&cry=1&dbm_d=AKAmf-BNU61HHfpi0KwQ7HBZFR9BULiKXTAd5KXznTlsuloUEh8mXlaCyaciON_HKytNj8UWzAjFb2BsUGeie-V4wqtYt2-fIQ5yFh6TzEUpemru4DEIQdPc22AQZ4fV-QLsWqzN6aIJUbEsmOD4pLjBezxILJ5wfRJRSFvpMw4YOQQj1IWr0FnT5gBsk_Nilf_8Expdm28B_Kjd8rZPew0e7nbzdq1cPqrE7wkSs5M6cNRT6_5y0h-tr1VEZwE0ikJeui1sj5K6hRtFmTdNj_pI9R21RP1ujpO9wiZyOI7_ZZ2UZnkwQQVCKXZHgq-Wmk-mNyjFnhgkdNoTx3AlfKuRoF-Fr-Ks8hvb1Fu3JJuc7V4Xx2XJixBjx87svoujr4PfMBaKlvlpnMZ_9sgVkvMtNSZteBQZTkX9h7kb5b_joH40BSVZSDwCL_tYd4ha_7RYM_CAH0pceshMrLLE93--6ZCqU8wk2OzwpEVoSvvFfFkzAbIkDcfqOUjbnddTm4FHRpYpvjJpxaL3ss9DydARyZioPzNrNsO1YqdTvESbfAJQUfKgjBfx9XAb_QDSpuK-4JoHnCDz8t-sNl1hq7a9wVvZGWX5E8NbJQZzh1CSjZgQdHxpoKex2G0Dik5VOrrBBshbu2Yaih9hc2cQbKcE5pvjTamZ6hsc3tM-LKWv5yNpGEvNhMOzkmjAZxu9V9ToYdKx3P6BGkWniBvoPzTGSAf_lBp9ZyYPfGrCrrhYn4-nBZ_hq6VZPRRnpRoV2pOrbKTkvQYwG3Fp2Fl2uy_oELf8Z1xLWBP5JJjDmbjyEImDke-JaY5hmJ-hTyd1cv5Fdo-yGAgIHQafYTkLsVHMvYdSmkOYYUo_gN0eaNhStgcV9niXhXsm0wS046PsQK5FQKJ5Vtoy00Xp-nTESM0qsvHyurN0jTmIJD5wdddMSYss_b6ouYZYTJeDB1U3GKNKbe334EFvIJ6a85Smbkv6p7SJp-G534wnJzlbB_yY4NLc-W3j90FQVh5CQ9ZMlTi4APhY-um8FXol8poyDUoqDalV4BZ7XTz4eusilZ2cJIkVaZhXYWKpjPB3HxX_WpD5Nw8fN5yaEyo49iKR70n9cx5Vsf8iErDSavyVPZkxvYIlWG2a9efvXRSYIIlW1MJ1VABSSx0LPe6dDBvF7t2bw_SeEPMXy-I9-rzuuNCTeKNMVsprebixuFU1aJI3IjGd8L73MUh83qkZ_yhHuSSIaPyXwm2_gU37HKiRs56C2WrmZjT6QeZPdGZFWym3_9lYuJ_7fgDjJiUWLu9uT_aE4Av26JgIvQc_7GT7t4oVtmjSGvBrPluIr8_isoN2zg0UVDKJgZX7_rsRlSTUorlu2Svs0wap72nNOsPEljEpx-FlMtvQD_-kI5tkQf4IS7r-V3D_V4vmbDdUvQOWwKx0j645zLvCTp-iTBLp0CRNwX2MgRiV-zY6bKQ-zE9SHgLsVkqnx-pQEUo8cQPV2xFuiL1cNGm3uMKR4HNetwvK96pHoNYtlnEh5e8Aq6_KBTQz5qatWNXaTAxZUC6CjfzYqqAKnbLZU7tbBDPFf55kEVUQCeIFIhTs7vGNdU0yWeVDTc95VsHP-0JyAaBdqm54SBWNWcHmGGSFVuV-K0Jcc92tzwyTr0o7bsxTleTEcTc63crYiugEdLwAxH8j2G3GNFNA6chc5jIWOLqHKA4z4MTFaP6N-VKCqCvTUQmGqMcNMaTz5sRFrXzKDCq3bfSRyjnQXcEziKOLbjrSs3gEL-S-Ua2VhVixCOLT4EXCaybzLwN8aAGLsbb_TFys3dqn4OtqC7U1Bm7VNHT36B0kV6cK_PeAkw7ZFc5RGQXONt4Aq2ilWJ_i54mA5q7-MXcJCvLb6lJaPfF3-aL1SRJS6kpL4yFmRy7WW6auII_FRdZeC_oZZNpm1zNh2dCXKygIFvgMdjYpkJDHOFwilyE__DU89s34vn0V-xakqfXQFNpnibVoi1kWDw4wG9qQlxyrEg91djgKyWwWEZBIwEmNKlN9NTSnh4Y-W1a8e1N0tPk9Umfy158-5HPxwezr4YOAUfo4illkIg06O_DqluNzTz5uNabtEVMzvq9FdnCbBXlDBEB_DZfg2GVD0qDk26S8p0-ma2CEbWwt_Ay7kF2uD1MxlqSM-ohA_0lrbr_HhxxHNjBqQ1HwF3ShhMwl2DRi_qTrwKdlCVwMO7qCeXdxyDRh55fIH6Vm4qLSX52ljc5cMKoIBHz6K1r6q-dkk3q5DrcirHx8y1sk827ex0K7rJhlAI4YSHyputAkB67PKATzgr8DOMscNL8B3JT-TCinlQorWJ5ZESIK_K9MOQgXxbGd2Snn5xKoUA7Aaic6GpH4tCIR0vSL1hiFx5dW2yt6YoSOKn11SglCjm28lQnYhcSRwuvt-gaIuvgy_5qHFwfKl4DJ91WvznBjC2By98CTXqVazwFEiEsTEE15dHNm5x0Er4MonF94gVFIGz2Xqw59iOMmGbhifZ9lF9zRPK2KUh3Qu11KZITO7Fi9f-p6GkSvNodqFyOWtijw_akin6tNEfurmFG3sck6o23o1f8kpROtFdNWIsluHf63G2R9WS1sf8-PgMg38L4-t2bGn6UxxeSkHIDGhI6ZPeH8XvTWTKTsm6vBX0lh_4XdJ6Y5CYGv8XbImPcE6qrKzUYYtZFMAB1TQ6ZSTniGLQeX2MyoXuXMPLm-Xv0t8oqi9Y_1GMxBhiatLvNKMaK3VJ9C7hL2xwcNcd8yetereJoYSEYc0NNHiJgSTMxTXjp0sqcRcQJrDRhzH9Q2632K9EYPv_9YiuHAIvQgNicMGI6Oy2dmnOnf7Gi9TyjK6zVCineWadbz6PI_2YVyfvEnytHBfYj6by7CDz4-mQL-ahXZ7nNbGdoFqBDECDLJdKfoy4tFwVsUO71FJfGV2QhsaVvx2MeB6XhJPDPH4ksU30FA7_qqm3n07ZpGhY3xPex_FRVZL7q7U3qYsi829AG8dXVIB-5xlByq1tUUBoDN8af9Zpjp9uRXexgasZlNSwop6X4KndB84oe0-v-0Lkf5snrHimAb0wefJwDpu8AEA9R-CiNPyZSZWajZDt02hSsj-WsarLlFR9yv5l7M_L3ZCy1JRheWqaMiXqtzb6JLEovElXoihEuarGLLbF3OQ2qjhv1Mbzdpfvi7VkuSlxy9-ecDx8OjyPPNlRMGkXF6V6luGMCg9_to_FKPxj7HUV6uarNbAjOejIHVm8tAeKoS7m_Pf9oOddGE20entY0XePTGUN42IwHM2rHIZA-u-uVOsNZuhLAVDEBlv_7DsdD_RQ3eu-y3kYDuQ1yxX60wFQK-GeOvTF4lZ42_zisoexxQa1KG-qZhZxp3cPR3xHZuJy-GRC7f5b2jOzVLBgvYz24Mg3g_Y0sddkz8UWaaGcZfOzHPaayCKm9pKZE&cid=CAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9b34c99a9885c683a896ae11fd25a87202d2cd690ff18725c62815dae0a20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16592
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A6A 42 B
63 B 78ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBf51kR8Z759amCjjgDHEhIfjumZ5Y1B6jQmP2m62RfGylE0Rr57akDVtA0bijxvSwnDPHRDhtpgMEXrcadENLg-aTsmBrfMQ5kygOdgtUUZOzwLk

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9A6A 3 KB
1 KB 75ms
32ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A6A 140 KB
43 KB 28ms
26ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 9A6A 17 KB
7 KB 51ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9A6A 0
0 42ms
17ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTq9K_QzYPBYlUc77Lld9MR1eFwyQoO4M_ax-HwR4hKVcR5C_zWU5_Pqk8wbZfWAiS3Of7yJqCUWQ_5WVKBBeuWLHf2fg
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4934 624 B
300 B 28ms
23ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUOcMZ5aD1M_qfELpKDIoZnB9daIsZvynv6WLsfzGsb1BhokrX5_rXHy2GklSEp-N8qO-PNARH8OGGp9NmSsK2E_R6Cr6FvDkkmPxU3q7PlIRNVLDwYrOBBz53dlWws2IZWE65ZRZPpLc9j4A2QhDKonzri9DMXAQCiUZZ14Zr_lNmbCuk

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 312F 27 KB
16 KB 60ms
53ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmGz04WpY71J_pIEo3-trMm_E1Vaujpcrm8uLVMcjt7wDdf0LLwQDO2lyFZTAU2JhgpyAGY0eb_ol-LRa7zyeOMisB8kdPVwDsLQWUI1MA7kYLaCn9HwxVRBcIAvZKLQC13ClBqxVIJ-3cfWppqwEGYYZavg&cry=1&dbm_d=AKAmf-BG04tGjuKSeNmEIweKPtSQ7TA_486_0IvLrJ6ex_6Kj70xlNi2QLAvOfup-L7u07Rf1r_a4bzTvBURB-fPlxlx14GvylV5K7ECivxCkM8CjxW6LJuOqUmCTDz5_M_KRb7avPIUxcAbozV7GIPn6MUv0XlauJE8nIN56IWhD_2rn-7XS6Z8llJi-s4A5YSvywuzXcN8UjfYXL_ldpD8CYwUTcAgiRBL2ZxI0BslcqloAFujwt8bSp8tMPge0H9-d-qjXZ1ovQX7_lPwHU9Z2gozoldSOuHV0arCWdiydGKUZcsdu0wsJbTusk5tmW5zCjlj4j1xuC8zA1-KXcg0Z7IQrIantryQmLvPdX0G-tNkmtNo9sqevshKV-wBCRO1qakkjqttLiv6E1vma3kFRgksPPCnTVyKrpH-W6qlNbr2c7FUZSoxVAXNv14Jer8F9Rj5cQlopU9eA4u6vAanz9hRRjxyiWdPPasDuowiOhkQvWRMh4OJwxGk8TwJhcldQAcqbxVDVC3PGEqMDyVa6aU_nX5gJQN5AJXNj9TnwyiyKFzw2RxWnBvy1jxyNyoy53yjzDKg6ttijswZg22RhWkRs47RI9Z02WU6-c1WxPF7FU8aZ3ZB-Q8dyFR_qoiu5VQ1_zNTuyHpqXS4b-JC-ml3nY2CeYvdncbtTPWQisJbGSH4NrVt2S-tkBsiC9k4-3M_8S_fs20bI3stzm50dvHQeDebJcbeZQG3HPbwbbwsg8tW0AMGMZUPPUMt2ReDy8lazhopNlOHP-ezIu2VGUf1_nBnVOTInQSIj2UJONueWpLriGqh3cPFYZsrlYY-RzROT7CaiKEFt0MoyBHa0NnWC4PJOrNfAPWpvtyCEblxT_2dfG7W8X0PdCvvEbIP7f8FbRV4MZBKM7Ybw4x8_Vnttzz135BWMuViAN-CT-vQfX0I2yiGXioICqd4z3PlYSaVjoaJ_i9bmqjSWj8VQ6soVoMwWQzOZkW4Bjy-QasKnjqPQTM-5qmxm4fq0uaK9Wp0Iak62WvEmUVT0trZIOuDDj5BSuvAleBb7_hC9Up59IgR3CwbfPVPlAprxt1PSJwTBgBf6cYfmsSHXLcdSWAS4Sk3lLp8TdPKjJacb0tXIPD2p1GMNi2-FJrjK0lp_VCgR0THHHtkobB8jtnccJTM-rW9ZSSY9WyYNGIWKYlRzM3t0N3PkQpESE9aSEOSvPQ4U46yqaj5fOHuWg7cmuScTI8jfVD9FGuhKytIctA8dpgOzA2O7htprdB5qDTY7AY5D5Mt-AqZywRq9dv_bUmFcpuVIE6fT_fpktHCp0DSUJD9fP_5YRpq6hLbOzQ5phKS124UvHjITW0LeYU5D-UKRuNqngPzjT0JN29z5rSzPnhZ9BHnUG6cloLJFeV-jykJfgE2aU1uhE2aIg_8N0PaMtsL6NoLGfwyfkXevTG0GHsDjKuQ_isQNH8BYe0fzNR-C-qUZXrkCH8EmOuih7erqOE7wceFvjv_5TZuU-IxHiT3lsELVsioxcSTbVqiiS-5eb6N1IZpBnkb_zTLXeJAII74ZTwxzxqbcYEYxBK-AZRGqPoetxuVL7tEGG0y7-zpuE8I-k4W6yEyJBnA7dFUMjMtMEFDhquZpfqY9KLaC2CyqSErKbdXh-LsUvR_kIfaQi0SPPcwV-g6AKGpUOLHLEGdvEtfCOkDy0DgjfmzOjn0QMs1wWjdSh7BqTFnxgC2GR8S00NZnxBzXvapy3e6R6uxwKhsRYQ5C0BnZA2r3ti0X9acMMk1ocS2L-XNgvAjwKFpiPpb8d3qm_PpkY7pTqjpf9sUBCunPySHQ3SIxhIq-mJn24Mv85rHN3Mb0DDp06plY9e0Xoy4PrcwWdZhWZSvXDPxATE6pPTkS0iC25bL7LAyRreg-9_9rtwCzlNVAUAfbbFdTEwH-oGDPwcw9A3sWK5ZfjzKPiurvmZErR1vLizlRAiiFNQ0SkLxph2u3Ha2L2OOk3IJtZfE85zo5129j8v6DLKj4ywsNisZ39YgDrWg9LMarbf4WnVmrnXASrce-my3MEcNZjMpN3nrebInU6FLfBhAsz4eGxG6hXhSaWN-DVqJnYBxBbsVZXyimZdtdBtaQxyN92LPAjcvHQ6j7R2ax2djRae3Af3De5E28jKUO1uK2P2aYBkawD7TnTnw9GEumJDBcBjBSbho_pxhmxDb4uLqikAVQzlUuq75xK-IG4_0Gl9jfsJgR6KMofjHuFUp7rVzi1MIOH8ena4dcG2n7Ty_gCiN6ooLcGXG0AlekVbHhiTtgIMJBh2RztDW2rcAVYYVr8fVcpDUbJrFzwgoUMAsv-ZsjkwTQIFV4tITVzD3JVIIaKlbMhVlm_-W5Zuo4Rywy0bhk1-m_JPCboG7JS-UZKzLr1yFwU2pyRgVYVTPNMmI-ze0NSFkt_eEzKDbaNmGbt1evHdLUdPo7hLlJ6CsSu1x2s7rqn1WxvHIK7MALdADP8SsAw8nkaTsdxf0w4cO8-7Kn9f0msNF9utcsqbQmw1EyTWxrixusZx68G03nqYuLvHlcNLOj8b0Mo1QcSu8YUqsbYvb9KcWsibAk--MQAovUV0VNaeSbwPrsLaOAjXj6B9U2QDL1jmWgOvRDhyKpOSLlTRtN1KFKdR0m3wPDZMHWjXo3zE_l5qG9l9SHNk6vE321MYsCqVUmuRzTs_p4ARbNu-8xMG1wxDUy75CSWe_WvUV17_9yGiNYOVgDsaBIugLWz7-I6RJdw80Ug7JNUK5jZjXoNGxNAXvcf-09D3v2pt4eWdDwuQaL_SLqGuIjmc-wI4EmMITqBIVjWVDWr67TMIZG2AYDtGUxXAZIjpnxh6cZ9G4XZ_HSg6FrOBWj0zIYWIxRAU47KIsVk4Kig1nofuOvbs-0WKfNiogcrNrERmZkCyDyj9OybOXvCCkdDw5or-xoVxBpkGnxZBbZ9uD5MvZrpiB2K652C4uE5RRjWKIHDo_JG8yZaHZuqOOhTa09T8TIr1plJGz_-j9_Dr1ICrbYczk3K1LJO6VaRwwSU54AbHJhaAq1S5fF-m9i4yIAG2U9bs1UP36gwMCC9fvL7gJ0i9qQFu6K1E3JsBSMe5_j1xRmLHymPNDtphlyMPVBHwFdShFQkU2mqiAQ-nG_cHH80HYpRKxwoFzVJRHMNtWb026GDl_AB2JvY495NYTqF33dfxgXSmoeZK1i2ICGqABXXELecQ1UADrVH8q_5xiPqWKy-CNF56PJpYA6rfrki9yfNZ3nz2IA0WRBqMZp7rNaPoToY5U5e4ZgYClbo8ll4VXDjsac5w3UaMIZ_ufMrkvmhDRB80fVvYEezfgQxApczWRrUNEbxS-BhBhTSLpFeYyoNFxSdLsXJnl8Qaj_wwia5D3aboonlPSBpxD0kLoJB0Eiaki_k2cx5wLVy-szapfAxw&cid=CAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8162705b5bc98010ce7627c806178d6dc12be19d52d42870a342bc501e38d91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 312F 42 B
63 B 77ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bd5eNm2hQOEeKCXKneqFNO_oNMmcu7CieRZ6D2s17pQ3uMNTgBlqEQf0Ipo7tVHNiRdIAIMu1QuhGqX6Iu9jxNGtpk_zbEP51jYuy3oiDsl-Dbhu8

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 312F 3 KB
1 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 312F 140 KB
43 KB 35ms
29ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 312F 17 KB
7 KB 49ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 312F 0
0 38ms
16ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToNuqNfXjuDPqHx-LphPhTK6u-3iUwMmxuE1pDly9BS6Mo710-ZJlIexZ7HmZqYzu8KBEztoaVwh-m9I_ynJtFH5QdzA
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6F1C 624 B
300 B 31ms
27ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNX4dOi9DkhKK1tLxeiQRbbrdKMJ4xzYYrbsNW2TB-pOB_L3gjID_xbdMRVWxKZEtDmAil_9EWFyNtkDQf1DbyXUFKpMCkhgSwWdTs0aAeFru9R1AayyAxj251zCoExS2GRk92hjfZNC0_VOUWtkaEv7fqej5_J5EQhu0wpLEHS6TTIat2c

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EB3E 27 KB
17 KB 74ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARGHqF2EKAGhRBmCYtloAMaQfPg-5GD_UtP2ilM1maX2TqsQPzR8Ojlxv2KoOM2t5xJ91EBgrVZEWSWEd3_flzpb24awgMqOJCMf0qIznr94N9v8MSNjcFsesnp-jF55am-22SrFbBaBzG06p3Rg3LbAEOKw&cry=1&dbm_d=AKAmf-Dhs9s2R43KftPy7G1l2ww25sJfwt6D3QJ4B0e89fvYUwI32nAwcFVagoOqI7N1rMc3qH5Olv3r1ti2dsmx8WQO9ybQcIvEcHEV9a5KpbLnsWJRVakcLzCocP4UgQiB4ZL--oKkt6XXUWdA-nuM8BJtMGuLYao1EXJ7oGSDUwcfXSqoKyQZ39-EWj7gXKYSBi4-XvxjtoqK1jlcMW9Whmwrj0majD01_zhkWDaUFNjzv5iLw6GypGrU-tu3Zx8nsU3_Jjy_RwrZJ9RyeEnqHUSICHppu2TpmJsNCgp0_yRkKzi1mA_xaIl2_L60jb1pmP_TOqNX4noxqMZtlicK9ERdAhDdfSQynlrRgDs5lrccAsQL-ZCpeT26KWvzGZKPKElcxJiZWAwQ257CeFjwXbrj2Gni3PrdK7J7CSDJZ3nx9w4XBHafUeg3z9fyp7s9hzFgWuKohJSYD-m-2dZpLVRFCUxmStDV2aD5QAzWv-xjcv_7ZLqGyIuWWGsU0lXajTpH5IYbr8m25pGB-VgEPznwydjVbgWUgFEva_JFkukRBBtafCUCQN5plWQU-L2Hp2D27eKuRaxfNXRmGINAh1AS4VlX8CDkmkWcYhmAS2GTkR_Dq_cEuijuOAazzWcRAu5j87eb_9oawHVu94Xevbn4kng8IfNVZ5E5oT1BaFpL9l8WG5hw_1GjN8xBLE1fK0tu2_eSbvb3yOBsGcukl4L3RZ1C4ffi1nIKklfargxPxSGEH6m602WjofOguG-rpFXjy1tubIAvHNo2L-Kqc_cE6ro-USZMJgf8s05X_namiY4rMZNNJ-XokUqkYYX557q31bePMEsa35HmGH-2EVBo5jlm22YStk5IpXorx6KcDYCtCX4BAT_egG5sAQNPf2cU8j4pKTh4E6orzbdPywDpc0CTPtaTZTE7ndTe-hQ5xniKVlG-Z3lbyoY-Zf9Fqw1XhhxesUuh_QQKxMwMLHVEvr5cp07oyrNt2Ixd26cs7p1_X9m4i3ax8LPR7iH0xZW7bh28o8_xX5Xo8jPcH96TxHxdAbhxnkS0PpE0S8DwrWKThL6Rb_yhtEOYVhi4OCoNl3pbqzFyJVqmdIn9nb8zEm6WEqrcTmCwnuynkBNPfpLHC4IzI2NlqWPdljVB3F9b7VzVVBwG4CEcFQ68yQE2NSI9vSXgLaK-0ZVMuA1Ftg9hVTVr1cXt_qm4wzlg66P-n4fPNwtOrZy2Z6egM3buv6VnSsSyZN8sQjsj7kgqKveG3UIJ7XIw-q8RpCrgULN9lEBpdcRZGdmySqhipnMF7TSM2YIe3J-_2wtE-bXS-jLvJ38qnJPbmgO-uW-f7wHKsonLV_g_L5WM3ZFwYlWitSNPguRUKlubFWrinuBajvpBuBtg7A-dxG_xtvRYQc6OvuBsIK7jjRI7p_rSLLVEun318I0za-vq5AJ81m2UgJgwuKMYUjLaAOnbbgiDWBkypoPRlolZF_fcN26rETB5GuJS9DCAYzVwIbScAv7N-DgA4uKRnKD3dPQmFwHHsXmYf-JWzOR6_zmxwJysr2opbkROmgZowxz-pEC2t-W0bXmMeaDdx3D7kE0h8BTVtiieMXNhq25Tyr7gSll2FkRdXogAAvbv_L0kLiTCWKOqxNZO9DMpFLukNDLOAbLe-vQTtLlLBqUaS3Kt_XeizlnsbC3xvmmS8i2hwbuVgNrXXSen0F5kr7agToTROdO2FOEb80H8t9crQFnBj-Wt-g9A0m1tC1HDSdB61QXVOMAshN4AJOWMq0LyYfXixLsF0R1Pdk5e4nEgMwqIPP4RlN5NV7bEY7z1vDVUbisDxkGU3hP_6p4KDhpIOtMk1K_MflC7vTWldWj_gwBpsW3VYx6ChESBxSAQpoyvafmwXzkVBJ7Kh0AI0Q3VMsEyiiI9eXrJh6NH2rwEAEnuZnESYpppLcDvl05E22Z4oPuyvVjr2iNkM-sVvNT-_QYZ-ZX1PuPV5y7fqAlLYoISZ1n7mexSCg0JScH5HbSK2jh4STVgrsMLCYwTpTI8IBXDaT2drIRMWtTR5hiXO8TWZZZxho4-dI21oYbig5SwR1ouR-MNwVVCM_LwNIs3uJ2ghuLO7XivMXPWlEs94ZRdwHkSFDIzgDKEUtwdwhku91mYiamr2NNUCxXR0lJN_a4LdmOYs67niD_PQhRd53i3OJJcm7PN8pDUiSOTYtgqmOO0Yf9kOxlwaZB8ATbXH3FP3Rg8pF95mLj0Y4K_0zdxMRyYiJ1Dt5ZhdKe4PxGx44yXIfA_po_LTeFAAK8JN-KdQ_FDQNP6LyB9Zfh7cKlnLpkNR8g8TPp-9VkiKqQrvGnBo9_Mh9YWwMQKIcuInyLuHrtT_DCWcogZUIL7Axu3DeGAkzOe5aaV5hWLJWCfDo1DRgHsebk48Zhhtk9DRW4Ea_DlDJndEaFh0CXHhbpLeb8ImRv_zgKkgxVwgKvynRtnVaTll9_1HDBR1itRdsx5RXDFhdLWH3RqMYIekhkIf7eUOTHu-FOPprjz4E3omoAIliZUnLfdW9quU_NuUn_Au1T9si9kWp5v7a1rkMVLURIxQ3A7iNfnx5Tg2wR2keFNq8wQAEWILrmd9RaJlKxagyV3DY_yypAjrD9ZHHXnhBLBNd3P2m1-4EY7sW2U04wDKoL6VhljHbCz46OOf0BUk5I89JQt_0t5xv5OUhGs5GuMfRIqCrkdKQZFCgrEIOi3mfqn0eVchgcrU0QJdzh2kbq9gFvJZZLqzuXSLOaKfRBZtuloCq2kXBUnzBeo7Se2oUM4YmHs_-r3wzi1MoKgtNfsjfbdCYvdn2tBqowtBTRe09B1PB3Ne4kFeYhJ-x0MX_iRNZoFitpFE5KRy2dDpcuDXjgy1m-TBReSc7115vQ9Wv2Zxd7UOIPvxXYzwrlG1NsbiFDZ_k3aXCagscBcIcbgRSp5KOc1xlEQUeGPOhErqFfNsVczz9lK0tUW27_JdxRKFpeirDQ4_kqBEHcCePYWrooBp5eR3mCcvRAYJotaSd2GPrb4dNjZN9vl9OSBItJXKhBZm55_CN2FOnGcGPDkewewub_-FwKpM0LT6LIVl8AXbyXstJIHyMjSbxo9EQ2sPBXsJ9gqtOeC1sm0qxeVoAPGCEKQEJFbtqTCdm6RttrK8b2sdggDk2turMQItpXdiedBJelQzuJn4YPzSEx1t_gdLY_eWweZxTsV6oqOFowXfUPcxPpYWSNcIX37u8LK1FfAFAHXXx2qXtLnktY5f1e3rsJtaaHqpYIM09j3SMzK7ZEIogfcTpu3reC_cwNMKguR_uP2vstAbg9Dukq9DC1oVWeRya3g4LB303tLzBk61PDoId0xHFvfveu67uzaZxYlhLZFoMRWCXm92PkbBCkSTtPKimBnTXvcNU0PtW0skJKZvh6vbH71DfULRBchxRJ3WyI&cid=CAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a75bc6748f11f9c8d00e15ac501b01bb0bdc6b95c1a82b385b4ac8c78fdf39cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16907
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB3E 42 B
63 B 74ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AuTvCsP_kAjreguzzfotqkspw8XQiswe_6yh4zi36SXDG4_9Wifj9d7D7emev2YCL6zk-Zy6mEpkU-ZSEjMuknSqgEsNzVr3QPYj4eKMFwm60ok90

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame EB3E 3 KB
1 KB 70ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB3E 140 KB
43 KB 38ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame EB3E 17 KB
7 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EB3E 0
0 35ms
16ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkUngrFo8Ck0Nj0GMocqySXv1BJUEcVR-3bZSuzoUoP9ftG562hZM4EXRlyWlU6jfsmGd9EGSIHXABxGlXIJm5ugmKZg
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E521 624 B
300 B 30ms
27ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUx-2SOWXScd0j3lLSLrYUFwtrzRjWsKnQWLFKhsnbA8irSBe8M3JlPFMbe3Ai8p4wGYaLFPNnQk9eI6qW79iEppQdbbASfaBmfUOz9Ism2yBqLHSv0hHbUdoVytraJIxrvROmLXp5GQASy1VxNEctdi8wXp4j4aOxw3cBiD6-Y9za81SM

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C7C 27 KB
16 KB 56ms
53ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4VJRNVPmdl-c8XGr7u3FlRkTpVHBT3SMXDUdjsPQsHTyWtQWapjtugVOvVomMEz5aIzSAhPyvjzJYJMuMJhnTDEJyBE3Gx764nRgTvkmYD3ERoMj76vExiaJvvmQglYUrQv9gckcHR1Avn6y0Nnq9YGOOEw&cry=1&dbm_d=AKAmf-C85n8KO8FCZTIFbRwppw8qBYXPMb2KjJJ9IEHycpwyPgFSke2j0qMk14mNbG4L44Xpewf0ciwgTYpuxTdHXx220OO-CGls3PChJWe1hBtOBBYzloM6pZkUNYmiAE7iD5yqBjNpwST2JPsJuW6R5_Zqm_dEQXsT5OZhysi5uJrnbImBJKUQbphkYrcVHKBG-5MCH0ruYiUa1449ygcNJPEwCSGUJvQaMREj678yndetUdIbUfhLfE2s8Bn_gSgjnlF_JhOamhTzXaUMxs48CBLc7cxrwrhBuNjDogrUgJGqsia6BHZxFoVxhVx5sMN8lR71vCF7929_8ImkuAcqO0SDdxR4qIuRmiaLlw_BD81YwnO5UbQdiHZP5HCl97Mi_HvuX4pVOkYJdVXGSQ0YeyWTKeq6aj9HMV_VFznF-_lFYsNbrLHDJ_kPUJohWVC_9ctlumD27x4gGE8ossWs8K95dl1eZtT03S0fj5fYyjfDnz8Gfaof7kAvtHPPJTGxppjvqsRIaZuDlDeCnqbrRddTpOS0C1KYut8SlmizNd1DOgCbT3lR7n9ROssIuoMFfBMP_Mq54htUgdTlEqbUJG_l7mq1HvFQ9HcTiv1GCx_PLtWaQUKPwc8Wzc-pUVqZAdiZFcHzB-HthZUsYjBAzK5WSRkkRnbkPnGqoaGbKfqaJ2TFX-vyzSwnvpcYyZLFyMhynInQs2m1SANR0kqbc_QcH6-cukyjkEffdAaduwDHv-kN68JY2K7lQ-BkBWxEdbGE2Ks6e-RrcOexBsU0V59o-vvawVU7qZe5hAWzV1jayp-ysfgkoP-Lymids6VAP8jZpOIbq-Qbe51Abp0cQHsx7X4aTLpIHv3DEv1uirrYVHhPvC_Lb0VNWRz5Rs-JKmrmvnBNP-HBRyRYPrWHeR6OVKE3GGlj42UvE4HEQWD8GNKvndHEEn3539J5R9Txw0Eeg8VOd-XiixpFVch7Oe_rnhxxluPKVXFzw5UbSlOHXCSjHnnCJuSg6WqMC0DxQ2B9lxrD84ZMWJjz1TZSW8AQ9dA236reqQSD4TxcprK-SevGzGVRbeFqvifUffXJQ2JNUPTBffrYoEIjUgmTzQp76c_cMwUyTJTBe58Hqh33wEdLKqDrbX8KPPT8OQ0QzVT55HELRABkcA-J_6SfEx73UzSth8S8RbFZKUDpsX4bj2iovPg9WNFxf1flWKjQQpgf7JRbPnvFu8mjk6pk3l8fuFMvQTWKpx9EVP4gLXvcZUuBQn5TBNTos-JBsZ2v60JLzKG_j2JYrhElge12WJeyYlm8WtrH6tYMPWkrr4GLwO1EEHSkp7nQnNtDtC96axG2MgTOWbU_v1xgCcV4GhF872P9RUJrSe5ltQ_K1CdqycvdTBeDskVe4F_0UoPzYyatHI_EuYOkyGZd74BlYZggudLvQYMB8cmaLgtT7v6D-cIhVMk_U6WSle575IrulEbwSxyRhr83KzgdoTsZqLaA6_jRF5lXxWk2DEdGRvRYPgI3zPfG4A4BF-yMwP9YFZpZswTM_CCmmhy5dZ6IrU3Ze9yrAYlB3vxg3SoUMI3oS5zxaB1vAY9c0LimRm1a4IZ-GJECIc9MsOFzRaFzqPNpngQBxwHnGAbseBGiSM4asBV63laDV9LZijHazdZsCzwjlwxQbsXD6PJc3ZBzW_RdA1_FH2GJ00ZOiwAMGzRp6L6oTizNuiMdm1XnC_3EcnlGEp8NondxwIZ2xripyzxbJHUcHJVze5kgIbhUP_A4m7vLCOgY21j2ks6QRpMCoLChYyKx4o9IsoKBG-E5T8TwLGADECWdc6PpQyvShk8lwgxg0iVjfOHNYufK0lkgGirIWpeCyD264576pY27iuWsAQqwN4H7z32m-QLS2_Od-ZmLds0zmYl9eRgVCnhxLBPBtY8jeng2dIveuiHV72Txrkrkd93qkDXVbY3Q10gDwJXknLrn9hMuq3u_fGmb7TQlYFEXm4KowOBcvWC9zzfHm8YGWqEz3lUbGhWnhnqv8wIbHI7WaVWP8uSSKSPZbvj7pTrAHPK3a5Ueu57j3QQc9oWSd_4RvEJUYV1dEpH-NHtDdjHjOnaNGK6xTQMzQxjcialmbtQn4uZKsUl8zpNd7DF0Zac7br0C5oeT8CDjRr4diEalKp4jXp7T-Ftac8dFm_DG4-DN9iIc-tTVV-rWzI5p3GvcFFS7_y4idwlh7V1LXorg9VYDlPlEZlCwEyllj7X4yh38MJy3QGRrxa5ZJyDOTnSHubZjZaXJnqH2RbaVXRucztR6C2JpHC_A2PynY206bMCqK58GneINSyUduRS-joZOXhQQ6vXC4gu_B7aRXJ3KTLopk-nv1Ntwzox1db_OsfwcFSibAYMzCEEJpbWq07m93a3o1d1oz9Rmhi22C5l41_4lqJ0DyTvtH75ZJ5F6_DlXdb-8iPhvpnu1A9xOe5THb1LCpFaCUqkqNj5mvAOc_AfLhdFTsxlJ55CKjYOBr6X1seAPDVoPpzkZxI5Zf-Ej0mzHN9-rraS3WQOwfo4LMPxlWkb4gAL4GNY74S7AU0PpwERGHs5PGvbaPgqIAsmCUK0av5hQPqTuxQdRisuQ8iNKpNj7-_CHOYmxy8O28CyWTkjSpf8VdZqOqV0BB9mQwlCIzLasdiowcN-pH6Styl31W8H3nGONRFdJ0nap01GIpSC3y5zGeZQMTCPPeXj7bnd0JXkl14GIk1Pgz5PqT2UrwmAw8v51ow_mbze8W4N5rIpsRfB7ieGHndb7PunlvW3N-ngHE7-09ryMRaPl_K4eyaqWFT0ORr6SpfSIZtPMKT6F_vlXHoMx5kMT98_yI7L9IhVWjDFExbaVtF8usoT7SCqy0utwAM0qjSCG0dn_ll6Exk116yCXdgRRbz-On9SXYpnmhzAT09ZRSg3n1TfoD76n5MjCT5NV068jCXjgY8QnNfVbnK5Hy3RCXxh5gq0-acc9WFNjBzesROTyAdFSUcGU-bU_to7cN5lGbBRsjQ_gvlhe2sm1-BiEV6whzEnpdYw0KoC2ubBkmCEPsRvcSt5Ks8_nCMWQ-XhCe8eP79ToSKC0zzQfnd5dbcHBXVI-M_D5a-Ai7LDCrcuseBAaS66gqA_tEYK-VQ7raNsMMbGS6DJCgWlzqgC9ENRVZwmsQmjsZWLXY7xCVn9gOZc5OAGCvA7lSjBwWNvYm2MVy8AbuF8JexzGkm_n-o0LvZvpnBcqjqk7UbqWcYAJuGiXoonMJNXJkD_39hxjJm4ErgBH1iSNITMai9StcmQ5EmkmRx3_TbQDJpGenx51Afo6AeEm4GGTRA8s28CxX8u8un5q9t_Z_3XgRalPWGNuEO4GISctYLJldgKuCO9TITteUGtiqbefgtrQBKFqATWqjxFseNVCCPtZmsXLFUKw4mIYyYqD5hMigwqX0jU&cid=CAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

11a7c0580408c1be76a1af2fe4f05aaaf4635847386885f1340e57e2b56da3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16658
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C7C 42 B
63 B 72ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C912WpIYRdef2GgrgTDI_Dd_ZJ1BVs2hX3GVg7cPqLe_gmGBlZ8_-vI5A3bPk3Yz4P89DvCvuvF8cJcnBjcesHmdma18BJsJH1htQNbDbsUE7hXNU

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7C7C 3 KB
1 KB 69ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C7C 140 KB
43 KB 35ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7C7C 17 KB
7 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD00 640 B
316 B 34ms
22ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWpIi-0e-81QGfsWRUI2VTTh5xx7Yo9MtiGHAFAHaZjmz2kA7OcFfrbMKv8Cu807psKucqMeQJsbvw18nqLi8ODIAISKmtDaHUaxjfm0R-olnqdfoFRcyrJdF4C-HQ_EyVBvTytlG7c_vBALo9HcEWc0HMlBmhyNcdVyIJpOCY-c-UIfdI

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D652 84 KB
34 KB 74ms
62ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIhZJXLapZSLCl74iyBOoBzmMbLqHGZOLqd6-hfcxyiUg51nCuzsToEoIpj4dQRrDs6j78In4IuiuHEI7iVy9XdKpAIP6DPT2X2JxBSqF2LotP7ol9541tOIVhPjrr-vLsYDbskeCRpnEsP1AEMsE7_XzUeQ&dbm_d=AKAmf-CaQnMavMd-D-WrmcDEKeU37XZXOa59AZIxwOEtca6F4Op3KD3GejJVUwiN9b9H4-4uIOAbNHn1QhcUcVVGR70oO57ce-pDkSUctQcWtOqlO-h0WJ_NCgyBIu-WKIVCBjHg2S0iejtpBwVGMtR2hU4mHR6k0BUoy3Cjtr3oKJGgDDmNB2HiOd7S9axaCJKZJQQrVfM5pnNnSrZuIFvPIuV2PF420bbf5nFqw0HYMXpb86txJ8UbcuLlPLdew5kOE-j15zkQ3ppQalLGjDeXzSV8O79T5hr-nQyR1SBbwDslOHWaykFfxGCOVHN3Ft2MqUg-XtuRhH1vkGDUkDXukqgCTOh_9mRtxytvAgpxEnRcZRzrq7LFNkgAtasH6TZiXd_7gVJDXEnyButfImMW3twiOqAxSZlY_I9kJzC47JB7tQSz5KqLJiRrdU0vZxD-faBz7VoYI1OU6puRCT3BGD9o5x0mA3bGcRe7qjaDsvKKCIis6jKoX8MsML3hF8WPxeIvfsHrR585R35E62qdjPGRPexF_J6e-GzGnwnA42d2C7ESwA6D0ignqLGcUgba_HRekFQvLNhlMtvuKMtXH0z8mm4b5glYCmeNQRn_OeUtHGIVsOnn9eAbGmsgCd3CCRA2pATvWzgzQPWbl43lNueExxNx48c2ZqgCBFb8AeqFjuOPwB669NYXBP1cTBBTKn3JdDQj68TIOzk8Ck7cktFQbuYsFmAbXGG8jL1xEo3ea44ZiC9SNOTtcYbeY5uzbDMMQpvnqyp8IHLJm4n1EreXUSOHB53sRn3Tgtb9GC69_eLGODucKrTNczuU943EQyvSngD6mKA1JiL0w4fDKRrhk91c1_bjjdpBrMQL5Sp6oge4DWxYAVmsBV2K8jSbQ5sQNeScXE1MfPpSN_5SUOlNlY2kVEUKYnDTOtlxlmq9o7pfnUBrwY1CvFlvH-doK48T5jmC4AlNvqNXw8GThWC-5ko1NfsJTq_EqgpMtsEHeQB8lUecydg-5WEv1eSlrWOSCslZHZnFgtMaTGqi71YlECQYZbxcohIaJdHtVS0pXPsLXMCZyHgZIulxReJ6ncqw15hrX5PZtpprw0DEZQX23mSU3QjmUT3ASLDnSS4TfeuVSgp0hWksrickyZOZ0kr4KxL8mUOfK023QwwOkUoeMafxPo1MSPY4YGQImEsLot0_Uy3sVIL4L9fsb_O6jz9xOAw_PtbB1UoqPXb1I-4cisnf3w5HWwQG3A2gjOg5N-k8dw7_I-Cr2K1ivk0adpFn2eN6yDc1kxHQI82td9rWFDCBfyxkTd8-z6-rcYil4e2306QjOBaVPnTqjJCfjUXLrpI_N9Gt0SppaGfkPh4BkM7UKA4LlNjV00JEOmwq_DY6wOe7c6uHDMXQssuHvnQFgUMsEwo8MmY5bGVYu4UMPwt1wRgCizJLGCvmrJnGJlGsy_YzOtysrBJq25doT0ZjFkHtlQ6TYLeLM04NaF9YjX4BigPZobt-s_3XJBdyviwU2qnfkqu1QFEqm3hqmWbuQVDkfRMlyJ3qnb9Jsbh89G_I4bus2xkgBTCnQ8fD4wTLwFgGSFfr17wh4X5znsyjeY3zPDnkvPbQhuBhfbYf-aGTikDH5kWGQB0lhycBBVP0M53hZqVCv6t8d7_vchbya-x1wAcaE3_rM5nonjecJwAm0UPcqqxPhJplM9pF6Imi_tCTpQmByJ-S-Kpvo74PH2pNTG4064HhLdTltvjLh52RLPQWWrg-KfNVXoZb68vDLifYOCjh1gpCb4SyfBFMbkdSh5NSXdTjOckffqK5AeWBhnXNwyI5kVU1ki37_krukuY8vyVsiViNpoaDjfbyW7kBu-0RCEx9M6g_Q5JTdb7Q0kAbmdu7lhG5DqETRrlgBHV74_GEGjAcS4JgchxKPyX1DoCllqoPS3gP6w2rTGEoBW9gvDdOhi1DNSMzoNu91hJGXNMUTD3400uHtT09VEvuKPYxDfGkbQ4ZmuT3h4fayDlf06GXK-6rjoW-Ay6HTrKO8Mm9lY253h3VdBEufjOVd_7oPf3smILrt8_WTDccMqf_zoLEylJ5qTIWz5uza9m8D31phy4EODqahddeaXKvwrpW1vDrQV9yoBnwCjKSoUWl-XPVnuaIfAlNUJgpkx4jxuvNYJ5MKgbOJMv4BFSLGoLIgnPhcx78nlPL7EdIvUWLfgIaZI4_BXtwqdikmbszkAnAwxjfOUKVr_4CQncmwKZvb5R-uLZj7PvVGWi0Akct3UW0ElSoE1Iz_k3F33ccMfLnjlep9ZvGIqoOs2Wzkx6b78p6E9tHEdF6i_98xRU-gp4UqjZi__i5_p2YGZhouZOhHReD4DrGMc9Ce8JFgQHlAn4Jp1pycorEW8ErU1heZ_gOhekEnYv39uuWv8DT2Vnw5fSxPPPJVJSYHTatZup8riZ_IeM5B8y59JeogHsqYCGBuMoICBTyLb5zKVbycrumn0DLoi8Z82-HTFh9RL7iC9IDnlK7Je5V7Rjhfeh_YkGJC1cvuuzBVGujkTeUOR-2_W-4R49e6jfphZulj_5K-mfxdZDZXV350kmEp8DFSQ-NymKIXhK0hVj8gbMfXFo9pYJlXgickcsimaqlc64C2Qd3-3itqZLcTKymBhXKZvf6RgaQTj58omo1tU5E9JK4rFInqJdWhHaKQ8_ZfDnVMvoC-TyxhoL6ktKPskCp_RvL_BaXrhsqR_f1cyuG49sUak5SB_jZm6FznM6eTO_xdWhxpDgCkGcg8wcAHadK-7YKsJE1NzUhWIjBRHrJRZIYTpkJ16zXVRkL3QnlOJF1ox6dBPLa-haN-1IW1W58abS1gB5L7unzBFBIiK5QyB_WxPT8I0LEFsrwt6kojgl3gKUD6pjdqOaleUwqMxM_DGKBvEDkTUBruyVkFi5kZQ9EpRfOR3gxj4lDeVmQfn5svGDiKASehuXG59PZWlCdMZ_YzEg1ALXrmb1edKL-FKudgWKOKJUJkJJUve3qbkMx14zFy7Z6lb1eyOMCnnTi3fwndkxOfJ9C5qG-T0Tvm4bqgtI6d9ePQ0NmPyyuts1v0E6jboUoopErSWqq2LqMPbUECKI0nr433Wu2H8w18H5xX5wh-jcKwYC4GoXkB7EhhrTl2QvtWl3ZLMQgmm-URoCjCdlC04WIrXr0Yh-LI0LHeaL3KInkXitVKKSsTv4kkZWgmyG_KE5lcBj5r_x12UQ3hEU956IHBXxz4qRezfpBT4whPE_OrGc176eE3dsu5f4jf40GgXcjNKljVwUt32M-uAsEMjIYxRRf2NcuSb_J32m25YcSP_FGMwL4V-Z3gLlU999IAvwZ0IqBvg&cid=CAASKORoVjinLopX1Mntx5fgghY26MTbrSCcXPuSPaBbmnXGpgsUYmq2oUw&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c4820acfd38e3af0e4654b00f0e39eb97ede5f9d325ca68170e1adfdc9d72b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D652 42 B
63 B 62ms
51ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4bq5I1zr8mHPKaknDMfwvuFTaTWVqHWtKRJxzaC0rgHgcZAVEDycOh6vAEPoJxgmqmltKx5-_T3zsPJzu66Zlvn_RO7KqMUz1Fa6GqWt1eBVnOKY

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D652 3 KB
1 KB 56ms
31ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D652 140 KB
43 KB 28ms
17ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D652 17 KB
7 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 01A0 640 B
316 B 33ms
23ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWQpUkyI9ZblLbQ94CBHkaQCfP28g-ow_iHh52JueOEwFqzS2vCLMIJWtXhH2vRom2UFcZyAEoA9XbT63RERWk5ipfE_XqQciqqb_m4Mo6ojEbi7_U36jJANfnBGZLNwgslYJ4C0KMWWcnoQ41RWIFRRWW8opw1KsSJtIAveaIl4Zdo5eY

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DB4C 84 KB
34 KB 76ms
66ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0vGZi58aJywb7lD9TnR8L0NIwTL0WRlt5QYFrhzcHF6qplph6pK2-jsWbQSr8e9JxTr9ra8-zWP34usZOolSk2FtYwt7R84R7h7Hmcgdoa92AMxLTmcqyoQR0KjR_Zfpac4qTPm6iHpmAuGIKW-ivpQmmpw&dbm_d=AKAmf-D7IrHOnNk0k9WxPTcokMiNt-bhQMbUzdVpR0U_HZGFFcViNaXGz6Mn9tvtEiCdFRwllx8yj3fgvhvQUsbRXpkDzF-kja7DimyE4qo-dnoRD1lajVmMpG2tFIcnYdevF0bM9jN7F3Gva1P-K3x7zdxZeRrNMAVCeYNLtyrNdF7mwSx9pJue28FP77ukGCFT8pHbVMWh-SXVZaGWM0Qcu_QgTMmzupFKbYQ9SRfM4C-TcWImVKuVf_205iTr3heEtcVQqPtSSdb5lrNL41uNag2kVjahUEwo18mjSvsn1Q9V-kU3OZr0xJXJYrXrjMuUpUIgR6hKfrhEnYRm4BaqgfHBMUTHHFU8boEBXq_pRFOSiZ8wYa0MvKLqg648n7EyMDKBkwVS7mmLVADYWg8EhI4MKHGxngWDPFssq5m06MKd6PiM9vz7ieuZYJo8ebYtYwHTRNsSJatrB0pFCY99Vpxxa7h51drrB1q_Oe7Ex1wUw38B6kJB1s3AZTyfl2GBSfMHWEnDLFx1q-39rDZTN_Sd2N0ZIgAfsTPf-jmaM38-2z3WALMOKi-RXRM6H2_4nTuHvjTcLN34ifJt8ICMjTBQzjIRW_SKgsvux9y-ChaPFR-XPPiEmAKKZc9n7AdYi7wuO3FFqbfrpBYYcQSHtOY9R_cSt6pO0WYdryZ9nOY85TKv1CZy0Acz2i4KNDVhhRfW94LQfP_N_93FHBN6b6uDt7tzzfMDUGYp90LvOFbFBpfsnRnJUgUP6DojURBJqptj7Bbg9Jjm5FxHIg_A56tytiMxwy8wwNwHKgO8MIJj3l7hb8HwxTm3zpDLEWrzqpJFcKyzE6yJMALCGYbwG6o3C88CetGkM5I3nmIMvHgKrZSDb_QvYcODxS9Fvg8YSVlzuGFsl2v7RbwQps7NJuja1aK0X1AyL0Lqfju0K_B1CzqxlzqexptqAuz0w4qTd2cLvQr1agaOlHWmxP4gqQz2sE8HQ8QW3y-8Cje9dpKbMaLVqfnf10cqqOEyE6xaiNUqDutx1_U9MqQyvzC8vhezgpsJfNJ7Ue3Q9ghcuwDlCc3sJzTjUgjlU0G_FcGOgEdPud762BK8FVdc8IgRMJx6aGHfCqzByJo3odGBQ2R2Uwni9yA1aRTXlgrAMUjCZqAn-eEMazp0KouC3kTJDokYm9hy7I6a2tmE-E7E5MpJUe4_ZYjj2ff4qhYXGtA8c-Pyulkq_WSc7mWUdycwNXSpINHHl03L77flCdbWqoNoVeTALDVQw9JNLPV0GUqveX82eV0-kYkgFLyvI8VbM0cqzpKhN-wOO8ZM35SAJ7YxZcANc4ee4bs_xSPucXmv5cXH0nVMRJFwbFWVpB0EOYcYq4bCPl-b1o_TZ6Gb9xle1KFTUyM5WUEysM5OUQX0mtcoXCWibRYflKV4TG_3bsBW4RRQFkwa0V4Igs84p-KyX_FS6kenbz33eUc9UXSaymU2olwffZK3Fdajsqiwqu1Tn_r-rjolxgG9aRJf_Bk69o0JK5ajlsZm0kY3lWTOxHBg2e2leAverBRWZKIpaqylAkVyqMjYbPcGtsJiINansGfb1Xlo_urF5rQBcsckjIZykdF2mjxcVYD2xgwjgiehGVxWRh2otO3Y6LywTUHPPS_KYvvM3zs-i0IdE5V5Riuw44qMcTYaY9RmPSQNpV4w7e6h7fgfPO-3cSg59h3wgwFAbs-CHnRsggCCr5z4HSkG5Ulu-eGnuR4l5MuZWK_Sppt7LmuwzQeCsRJFlzFdMWLMKh75At8-_jB5ZA_Gzb-c5Y7ip_NJHGTpX2BqIQDAnnqUY_46Dpt4ftY9T3hEJOKED-SnAL5dnw6UabvlR_8mBIiky6mFz25tWOr-rGVBmlc9tisC5Jyf1F7PxA1LJxiu9-A44h8Sn2LilyH-w-TNm_rIXvgVy2Ng7GXYSu55b7m6jBL3M2cv83C6OUtDjp8CFlYlzXa-TtQiHT_Bpgf7qO1DtUk687cRwNAp4GDZCHcEB_hAyHRM8diCr35oo6lgVWbMhf-R-XlMWiWW36OsEtq9KqxNVDalq6NTrMfc3iaOA4bgsF7R2GOawtzi_tY0VO94OoWcmKw_FUNXHqlH_auhn9dOfzwzv4CTEYP6UtBYV7I8DiI6CRxvSqUDxi_lyA9gulzxdGPV4XoVGTZJDGRtNlwAb32wArsG46VYjrfKIK0YP98qnN8FKnRaHGdFrmsaHfhi-ITC98xMfQJbnZSYY3L-p7ubmSa27neV6_XV-eD7yt5o1C6prF8z3Lvuif9tJ9hFTugAZNQqRAb_gje04DO8eOAmHC5yIkSRjKudSrQOupc7brcSArdodx3Klhh29yzal0oXlxGXe6o9fQ3UXNSQSFTPFfBPsF2j2xiByukBoo-xpjnlsswMQbffY42Vu4DrouDJdafMOT5uNgu1V8S21cVq_agJlXC02OPQGA_4rAAry726biFStkD-aTLwP0Jf_UO5Sq7eML41I4OFAf2l_E7HxpnfeEd9N18Xowk6aCkTvHgNkurdj99UROaxTZJdfDdRNE0iE3uAhz7rw09cGihFzLY5Ro2cy6PxjLMRKS1utHgYQz5CVoOQtabu6tXlmV_KF8NeZDTVNBT4pb_cvf8bk8zFWXfrU-FkmwiGaXLnD3BWt3tCeh7WtyLJY3ns0fwat9BdDNqYEYxFrh3l2bkuU0mNSmVfAhrM_ZKh_Uh05hFaDKDR50Q03M8cbD7WwVBBjEcKLGbLDwitP7adqrQ0yU0uL9BnWND_rD0-vcyPezwvUsnnLEdUEndP5hUEDTAO3dMcERbnHbTyXcuQ4wzKKDydlG_ZHdfdZUQ43VNQiRaTIbyD8UDWu8TsReVq6lLaAw6wz3CHITcIwiKVw4jkhbnQgbLlWhm5h9cEc2sPfZHT0l4uGcvNURJbcDWpFKVE8BUswE-sFMKWE9gViLCdDrUefANF_XkH-smms0SkfMB8qh7Uz2tNhCCp0KfgX3LGW-qY_jvDXjgDN42sw9x5aWZLoL3xN02GxeOv97wO6wIDxVVfTkImAmfkI_bhNSLZVhUXuTflBQI0WAYhBoNFkqAbclTCcLeDCj1QusDsLFRzD6l6eryY6rrIcTKSuuYLUUJypkM62RJOuFlZUrTt18u3275UW_RTFZh-A5UQckgVf0eabsX2mmhiwMk0ezKA8TsMTFY193y6vGhy4PTUCGMeTIyl29pmCvWGdYPoDZuB07ozXncgc4Y7Dc4o27cAKU5bOFwIjh9tJNeFg9fP7QhQZgVg4WS0xl3cYfrwHShYhcdcWQQA4gM8nRjEL3x3T64yEmg7mizrRqodX3nnCaVJf_BKwdfYug&cid=CAASKORogClGphZV7TcTEMBIq3z-x2VSAT7lH65aM50o7E6YLA9OUloER0s&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

22810d11db9e3b7a8869739cc149f2e0ddd53b0d8d47daf487a36071c935b472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35157
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB4C 42 B
63 B 59ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AE2zmEtCki_UjpJKMrj6nWk1iRENi3DTXjfSQwjSbVG1nOXG-YgApICdaOhbGjTwVgNGL-TSJhN1Y51DyVmzPJNkB9UO1xY_M80CyFrlAqwz1YNCs

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DB4C 3 KB
1 KB 54ms
32ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB4C 140 KB
43 KB 40ms
30ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DB4C 17 KB
7 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DB4C 0
0 24ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_dOzt_aJWnJP0motoG1vukLuk-ncg2gGPP6TsoFUsvmjSe9h3tqTaP1iBOWN_HhyDRzgZdlU5_WwhPprIyB0cQt3kxw
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F245 640 B
316 B 31ms
22ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNX1lUnf2mKKe9AvNhCwXWzTT__hPVyYtvPIHWXvwvO_-HOfMX7nKlKeWe3qZJWXQ6owTpU0YF79yzSV2uGJL3kYxuTkiaT7-tCwF6_kCfo2vm6vk_bNJpX2SmFlN_ShkKcu0rZivNe-7QIACbw-0z09ryKw1Qxkvs6-n1ohcUbBRtBWQjI

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 387C 84 KB
34 KB 70ms
60ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrvpM3wXXP60_AaKwiTQ6w83aGD2sC1VnXOSspiyYAQhBFxOtwzBfCCu6q-TjaPLDCb9P50DtTWVbu8aSUmszidiMGd87AcoQCd7xK7EkFFm22k9v3aTsS2alnmnOmo9c1HyYuPFd6eBbBsN15LAzP5jrPbw&dbm_d=AKAmf-AjY_NPThDtUoAIPcONvY0J5vPp9Bv90VnoH5mORGZ4cI_ncvBnTrD-yuPXouJNbJ7V1VtZscm12aPkvYIARQatxdGXYFdCo71QK-pD_GYy-2ZFEhrgl0y44cv3T1_S6MTTkQ4f69hPfuRgtzbT4t6UxG6msQyehz0rc5Hot4yapUdmfFoFfdV0zRAK4cIbLWxxu5eSv7tGigvjBlSaJ3hQvAgZVP6e_6i1yCBQmzyM0ky9YdhfShfeg1cv_ltQm0Id14744_TCqRQ-G9V04D7X4gb6i_Bl2Nqspz3vg7moChsJzYtgK0HYUi1V07kSr6E8xuFzgcV62if-pESw7LGwhTMa1hMXCUrI0dwti1BWVIfXweIrIOSLquvr0cwVykI55DGDUHhdgaO2APdZRg4ru9iA2Ca2ZpjP5psIE8OV9Uws_itpLGbDcQNf8rif5OSqn6IMmfr2ggQ3FlfwioHoq_aJmF8fgqJRZrled6918h-b5tE_bOJkpuDIYQgiLXvuFCXIQpro_5aL77yqe_LhgA15jaUWBiuO4-X3X4Zk5rwb4N5qcOTnbd7Tu_0PzcOhxgaspWCP7LyE2UdIqZhjFDm68ML8PzyC1Eu-4afseHppj-LHPIckgtP8IW2aWdyRWXtSrXf5rJ6QRWev0WuEEbtMowI6RS0IuP9hJc47b25F2LqowZINAuATnK2J_iqy5rDAAITUJIjSYx0qu76UWAfKPBznwrxdKIJqFkPDTdhIdeMA-HtGYQ3ywBuzxtDQXZMgh8Gs2WM4B20trPke_MpVv2Cvego2mwqZFmd8wMpcnRXqNWn680Ff4eM0kLHWOMMJcoeXQsw_NWO16oEcaouqwUbli5sxQU4eAuqK4u1x9uglmBiSdoHXK-zlJejprFud-1cigZptmHY1mbwXNKcF8-aYMQSIsMobSJLGYCpESMyIXzpNmjpHPfnVOb-sGe7i7kUd535NgnlBR9B6BxlNJD48Rx7S6PUVZ2lwdO9QCgkHCAu_L6am15H1IwM7FMPaJtDiYUziIMyNVFi8rejA4OsKGHIHL6BCU-hu4iD-XBjtmORA_YIfOo7g3cvloLZeyVKfAVDoDmw_KpoCoTt3oE2GwmP_ZWkIXG9SVAbzfQj6-6pnSFkQY19HycAQZ8SvdWKdKa8o8k498DpmKoTTDLLjbUTzwLm3LqCj9rVGtlAKJqiJESKYmQlBzQ7d3kOSHU2qYwjmZDzEJEbKK4WrS317JhV7wqE9tXD40EpW8x1cQ0ZLbqu-HLC0C2CTPE_CqgqhZx-G1kz_z60gMzoQS2aOVdJMssVj1cBGn4rhcTU2lIkjEDL_b1r_AMALIu0z9mes5lW181UZS5AoIV9yvTpZBAmmlqDS7_NYBGB0AgYnW5goDw-4oHv42Sv-d4vvSRApbOI7LUObbWLuwCUbD7t4s7f0HNHAN8E7qY-p9rHnmOhLsjaCqdSY3X86Un7Oxm3PdMKsOIXRxol_LGGz7nrROsJsQ-oVFSXC0torA3mm81EPJshu1rDczTnxYWSSGmDzMCc2xOqjlxcE5XGlFcsVE7O5KNW3JgY_NzEVn_dIU_-GfA5642uRjdAAf0Dm1-WetLmVjeI7ekUVc-YmjYWb8fxFjOxwi6oMemb2SFHetPgf0nfhlUlw2YnVS_n3BfJCiPXzv92-BW9gRXnnF0Uz3YFo8xv7mvKNqtNUK4F3_Ydh3ZQUub5_F6WeAtSeyvxH5WZ3DgDApPPs-C3h32DlT1VyOox1C8QQQ8okOiQd-TyOVfBc29tDQMzjVN7pHPPjXVwG4s9EEgB-osvlMll2tFMU2uTV_PM8XFfmG6l3KPuUierIIhGwhHFB2V6PUUM7pMx49Yo9oO2KM_oWj-LwQrv8g1W0gZ4osXduqQJHWMSnE9AxIUp7GWWGcn7piTMroWpl4k9WtGzzMvwgnRm0ZE7BAZc4YlExvXotEf7tgA-J4RG2tGW7vpd30rdjCGpETMcX04tZHdOS30SZ02kYS2n4ORZfsZ8yIREa-C5OK2Vn8LaO9-6FYcHyQroQNFR_7JUqIjq22CIPuGVId74t_SR59EJnDhv8RkfbPRXOSAo4FWYpC7yxnJlMdCrIqs0D9FmCX5YSjGjFnb7JVvc-D7NVaHnyzgFldIq3WTwWEwWIM_PqtCyCBjZIrfkOighu8dmkuQYE0HZaQSqI5i3OnVjYXCK6_VC45mh-LyATCE48f3ONlBloEthJqEvk8cDXoD-WoBorx1E2M-R2ZJjm9UwHnh5lurSttK0R47axargux0C7lP3GHdpItB__gZlUPrmdc-NHSldg3oSfvY1qhkMhbkqAvBsNAJi_xPgkJtLEeyRAA-ASOH2jB9WIyZcRhi1GEDhnnuNX5WxgUJV45UEs0RA_p4hx8Pdd3xX2fxdXYjo3539qS-p9gj45qh3NMfaKzG-kGbTuOS-tzxCRo492uN5TyQ9sTKobFTg_qi5M1zpti2s658nQHZeyji1yW6-v7rMnC-6U4ILftPB905C3ZNlBRQD20kGqebJS4UDqhKF6JRGYGz8j5r5S2MzwPZAfAQSuRbPMWA7wNQ7yawuGcGPewZczQqAhIqJvyXbDHIu-3EvZd1BVkIe6C7jihiZMQ3Uw_QZRzGA8K41I-Li5CCc-Lo3VOUVDCZj_eM-CWxBvM7EfSRv7mYdcAtOOE_Kbmjgcdx5D-GHfFWypiqHscNtYxRW5FfTnle2TCfTjSkBDTDpvc7gA5iC8PXYJ8pwkmd_cii7FrIoYdJkM44Dl3RSDiEEdyBN7cGs8d3kIdWG4avlRg-dJ2CWJY-HGUUI9B6SkJNwTZgMM0DVmgbGPTEc2E5c8vk7db8XWy3mLeZFsDisrwNzLdvldJCRorVF9Sp3pjJowZHXeuSPcjanDuNT2Ptt02u1lItd28YffvMxKxpVr1En4hcyqDi1wk4F29ANhdVTS0RKkuZwoIz8t7CknxB5_oNNOitby_bdyjPIt6lhw5JPBZ_FE4iTg1DyCX7EnQvnDve0N2KXJCM-58JSAShkpqo4gv9LoEAtNzJ4aKH7Wd09581FcMjLhiYnqsNyGr9NQHxLFPzDlQMV8hy3gAe4A4BkAbjq6IjoXzUugV-esHnj_ZyXRMsewsorfIbJs9_SuhqFU7UZ-Cb3N-aPtwz1JNJwpfglUNVOSnaQklw9oZnFnbUohrHO-GkR2ikFzJhiY2xdkPt2NJWIz0DKdMSvaCeZCadTyFMv2H35qi2UH0izKIzNDfxVJvGJpF6F2l4Ky5s8ICvCVn74rtA0HxcGbCfsFv4cKpJUYKcC0qw4yOPp2sF3BVnFpQc46zJeazqALEGlZRQ&cid=CAASKORoM8JBMvP93iAyvImU29YvQBi1YEcx9IKEwWeLnI0-xqj-C_cfmGI&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

0ae3017829c46e14f88353cadea0a8a4396b42d63637c3f8e2f3d0d0b3e79c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35142
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 387C 42 B
63 B 58ms
48ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKMYwJmfXbvXb5fpQMqyosx13UJbhsa76P7ihJAN5TcDi4RSlKHtqpiovvJdCRJCn6NjBr0NSZ-wch_XXGRjBFc5-ZATniiHmulmc6GjdNvikdMRk

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 387C 3 KB
1 KB 53ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 387C 140 KB
43 KB 41ms
32ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 387C 17 KB
7 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 387C 0
0 25ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw5eJdalHuFRNyLHv24URt9Tc3-y7pPgxsCJTY9yKkKIv387X8jeGD4Mbha0vYOwi-ea-KwgDQIm4WiUsmdyoneGIUgg
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0C47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM7U3fIxu3gkoKtW1PiHxjI&google_cver=1

43 B
907 B

51ms
35ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM7U3fIxu3gkoKtW1PiHxjI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUHoWjr9RTX--kViCq93ut7ha-nk6Ki98SCo_5ND4QZInMM1tZtbnNwTtcADRqNHPBCidtrprmDaJ0VhVlQU9_-6G7PQuRg8eyqnF7JyS3YGXfNUnsyQXFS32PKSlL2gpD9d1bdK9izMYusU2rtjxNSBus3fVoZaSWXmLdE605bxMK6ip4
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144683bae6964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxRNU2KBpXqS2tzeOGWrWCdz4kWnWgkjbBgG2BT1BaqAr9YqpBKZrhgRYIdeTqEiazopiI07P4U4fnobqGUdkuDtQaK3kXzIUqd4O5nRBzIca0LEy5GWA8V3F%2BfMZZUZmEys975rX6jm9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM7U3fIxu3gkoKtW1PiHxjI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0C47
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
908 B

39ms
38ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUHoWjr9RTX--kViCq93ut7ha-nk6Ki98SCo_5ND4QZInMM1tZtbnNwTtcADRqNHPBCidtrprmDaJ0VhVlQU9_-6G7PQuRg8eyqnF7JyS3YGXfNUnsyQXFS32PKSlL2gpD9d1bdK9izMYusU2rtjxNSBus3fVoZaSWXmLdE605bxMK6ip4
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144697c956964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycy28TIZoTacnLI4s9qeNNGrjpqHrmNwybW9uqGE2xe5W754qWSOl4vqo%2FSkAI1pB%2BZOHWGK13p2myoik7uoTvYUnLB4TGmukCdWt64HhtA32ak25bnJ5K5dkq9NXwnQ%2FVCioEcpLxk0Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0C47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBFnY1XRVd0ABf86ZImaHy0&google_cver=1

43 B
1010 B

9ms
9ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBFnY1XRVd0ABf86ZImaHy0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUHoWjr9RTX--kViCq93ut7ha-nk6Ki98SCo_5ND4QZInMM1tZtbnNwTtcADRqNHPBCidtrprmDaJ0VhVlQU9_-6G7PQuRg8eyqnF7JyS3YGXfNUnsyQXFS32PKSlL2gpD9d1bdK9izMYusU2rtjxNSBus3fVoZaSWXmLdE605bxMK6ip4

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 06c14c08-4f64-4a3c-9ef8-9b1b84a76587
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBFnY1XRVd0ABf86ZImaHy0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C47
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 20c4cbe9-a3c8-46fd-9baf-740782d32044
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0919
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1

43 B
908 B

45ms
29ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNXI5vf6I873N3WrWtVVxVKzT-1AdZzJEEnAUzL_ufkdNVqIteYX48QKWKA8t_8AJgTYtk8sMjRicCY3zIIlbS7a_Sll2FSkEAlpSkMfR4X-rjEgw632BWUfKgNvUXal92oXd1fhbeiE9C_8S0JkOQSLHFFoi1u2gi2MF1zqFoVdLV-48Nk
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144683bac6964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsEhiMAf8OU07pw%2FfNyaFhpE%2BhrBt58QcDFSp3JQR8pCRAqT2NogMmxx6KMKV7U%2FQ9oicKVhYSlh0wK3FGaliOtRlQuTzWAWmzJngY6E8tvC2ZUKIU5h3SNo2BCu3QWkdaw69Q2qrdfzSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0919
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
912 B

45ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNXI5vf6I873N3WrWtVVxVKzT-1AdZzJEEnAUzL_ufkdNVqIteYX48QKWKA8t_8AJgTYtk8sMjRicCY3zIIlbS7a_Sll2FSkEAlpSkMfR4X-rjEgw632BWUfKgNvUXal92oXd1fhbeiE9C_8S0JkOQSLHFFoi1u2gi2MF1zqFoVdLV-48Nk
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144696c906964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZCm26DUCJ98s12i7M93l%2FrJKyCzDiD%2BdO5kPOzTe0BhKvor3K%2F%2FZhfJWJO91dOvPnHQBKnqH%2Fo2OiaK6WFyAcX4wcdiOL83GITjKsKtTM1TamMtRqAuorAXqrfmjUR82J4%2F9bp6iObYCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0919
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

43 B
1010 B

18ms
7ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNXI5vf6I873N3WrWtVVxVKzT-1AdZzJEEnAUzL_ufkdNVqIteYX48QKWKA8t_8AJgTYtk8sMjRicCY3zIIlbS7a_Sll2FSkEAlpSkMfR4X-rjEgw632BWUfKgNvUXal92oXd1fhbeiE9C_8S0JkOQSLHFFoi1u2gi2MF1zqFoVdLV-48Nk

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b79f3944-506c-49f4-bebf-93166e19f453
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0919
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4a0ca395-5f95-4d2c-ba97-ba3664e1624a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4934
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1

43 B
906 B

46ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUOcMZ5aD1M_qfELpKDIoZnB9daIsZvynv6WLsfzGsb1BhokrX5_rXHy2GklSEp-N8qO-PNARH8OGGp9NmSsK2E_R6Cr6FvDkkmPxU3q7PlIRNVLDwYrOBBz53dlWws2IZWE65ZRZPpLc9j4A2QhDKonzri9DMXAQCiUZZ14Zr_lNmbCuk
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144683ba66964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMIUY6B1RBdpeYIWuV6WVllgn92RnHWp014at8hH%2F8ZmPtu%2FsynGuYeBmWUErDQYESQQzPstPRyiF72vMkuQkLggRJbl4hobtbo91V9BBRIEkMzxoulmI8Sace93mXxdFRY6lg9AuniNOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaFWdm8VC2BBjxKGLAxMZc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4934
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
910 B

35ms
35ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUOcMZ5aD1M_qfELpKDIoZnB9daIsZvynv6WLsfzGsb1BhokrX5_rXHy2GklSEp-N8qO-PNARH8OGGp9NmSsK2E_R6Cr6FvDkkmPxU3q7PlIRNVLDwYrOBBz53dlWws2IZWE65ZRZPpLc9j4A2QhDKonzri9DMXAQCiUZZ14Zr_lNmbCuk
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144696c836964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqje9db4qZ97Dz2dMKgZRFEYRMeLrGV93E0JsFVOKtPoAepDvBr%2Fg%2F51JntVnsV5OtTIsRlDC4HfZmNYWN%2FDHOhuw6g6tiITaCQCDQybQsksfPMzfQGakq831SVf2AP8yY9iUgPWdTT%2FKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4934
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

43 B
1010 B

24ms
13ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUOcMZ5aD1M_qfELpKDIoZnB9daIsZvynv6WLsfzGsb1BhokrX5_rXHy2GklSEp-N8qO-PNARH8OGGp9NmSsK2E_R6Cr6FvDkkmPxU3q7PlIRNVLDwYrOBBz53dlWws2IZWE65ZRZPpLc9j4A2QhDKonzri9DMXAQCiUZZ14Zr_lNmbCuk

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fc6f3740-e9c8-4e9c-8245-71be69cd2207
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4934
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cd0d2e61-c4f2-49ad-bc81-ddc7054b2c27
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
911 B

44ms
33ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNX4dOi9DkhKK1tLxeiQRbbrdKMJ4xzYYrbsNW2TB-pOB_L3gjID_xbdMRVWxKZEtDmAil_9EWFyNtkDQf1DbyXUFKpMCkhgSwWdTs0aAeFru9R1AayyAxj251zCoExS2GRk92hjfZNC0_VOUWtkaEv7fqej5_J5EQhu0wpLEHS6TTIat2c
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144683bad6964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYPLqJfrG%2By7SusK7Ya6V3KGLK5w7jWah0VfYnwtr6ED2K8sWeXq6Mxd%2BqWCNxDCh2%2FaPxatU2a5x82xrJccUvXxTe3MOjoK5qGIphscNvXUSUn7UgzEt6gdQffpqW7PWHC8qUklMWX%2FNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6F1C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
910 B

34ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNX4dOi9DkhKK1tLxeiQRbbrdKMJ4xzYYrbsNW2TB-pOB_L3gjID_xbdMRVWxKZEtDmAil_9EWFyNtkDQf1DbyXUFKpMCkhgSwWdTs0aAeFru9R1AayyAxj251zCoExS2GRk92hjfZNC0_VOUWtkaEv7fqej5_J5EQhu0wpLEHS6TTIat2c
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144696c8d6964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ds3Sqk4zjt%2BgpwxyC6nzP1Bex1OCr8lzzv8mv3UqVi2zWCnwhskqB%2BVfbZsXS84NCtfx3UyIN980am6Lbf0269YpVUNhgNbsHf0qkqkgIMy%2FIPN%2FknvEwfZcITcjscYMFdzGAui681godw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

43 B
1010 B

9ms
8ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNX4dOi9DkhKK1tLxeiQRbbrdKMJ4xzYYrbsNW2TB-pOB_L3gjID_xbdMRVWxKZEtDmAil_9EWFyNtkDQf1DbyXUFKpMCkhgSwWdTs0aAeFru9R1AayyAxj251zCoExS2GRk92hjfZNC0_VOUWtkaEv7fqej5_J5EQhu0wpLEHS6TTIat2c

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dbf382ec-77df-4744-acb3-1d5b2dc0c5ac
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F1C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f798a9ec-e645-4998-ab0e-d41d2f52bcd9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 9868 30 KB
12 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-FbCeICz5b3j4XrWUH1y3dtBkJHpgi4GzaftQhBbmShGs3I44JBoGYnMaHIBoB0RjtOBMrB4cIF_gs5888rFBjsUHJpto3FlTmKXUroMMZ6daYmOtVrZk3KwVyCZ73LdzlUpr-SHuD-L_E_W3kPbTF7K68A&cry=1&dbm_d=AKAmf-BJc0FYaGNlCbWM13au6SxBIfTwp1fOQl8Yut9-D3lPQ62t6XY8eQwWOA-RjGmK460-jP3aNNWpUcdeXgxt5WZWC7JBt1Gf3YXJBMmGP_zzBcu2DxNO2zJ6r9ScGvHkVfq2oxIcYM-gQvTBFFdupXzBDj_XRKxkHbDgwbCVuBxC5yFEb0tZkObHxp26HV3glj4sMuOYJpPhYlEfgN_MFgCYL8aCqnTBxE3_FLIyio8rWsrRgoMN0S54baKMkLXPoLQl_qD1hBk0cMocaMvvTAKJVtSvpZUNIhpCDLvjybWnkND-sW50eWLnNJI1H34A3CBXlI5t8ZAjWH65-ErgthrwZJ__V3qmwfc3QZC9Qkh8IfVDKGkqKFSGt3TEsXAQwPfSjx6U37FWiXTyyLyJuv0qf8Flg5JWvq5eBFX973_Oz61e1tCi66ouNYQAO_aqXBifFfqGPz3bRVxMJ0lFQvab_CnTFuK-9UL1bYhHJS1wnivZ6t642jpcfXerDMGq3f9mLIrQnNApZM8eGzkXKQaAkfmcCFqDNVrAAAf7uwtD5hmv2LbJJHLla9QSDjBT7gG81tQihSgl7pIPUBtXVBWo8TPVwTa3A9IR2CX3LkFl0RayoWHoXXO9edChFEJnMkuO3gsKZUmAJgXQRG1OyS-i3jud23L3F4gl-W4YK4xUscP7aoCilwrcEa2xVzcQ53WsVBjLc3gNBfP2-4O8hAvw3u5_KFrVLVVCsj1BozdMCn9CJpOiFxgdNzzaVCdlImP29fgWWgtIJA9WpGQdLUOOOyilRqTvCmTk9ejkjECKRU9kE-UINT_JJsoHT6d3fNrgd0hvV_dfl4LiNGhFk9mriYti-L4CdWmitjsGv37d7guOlTM01vfjPuXDdqxWKOcUjnx3RBiCKYYp4S2ukwPk7R5s7CXMmdby-ZVJQvf8Anrk__mf9PO1597pTt26qrr3IH47-w4jQqrXMMFGRYM-sLEJEP00OUtj8s4AEg1fOmGGlYSaWD5h_OfiIf9L6ATyjq5YngUI_CSXbwpFltQ43ODesDs5_E8R6Xn9wHxY7NzRNHU2UOHmRe9cES47novjdNRQF1ilMx1llTHzTfJ5aYeV03F8-E5WtUNyWqfVU-lm6VpETijI-Kxdqd-Ncy0312fE0nYVZ-uWCJrXkoYrRry5B3U5K2AZYVJqmp42YhkvSIVvc4hyRYFC8TrazotrGZgegvA6xxGrnBACOnf8kw2Q3dtQqTcq-nLUjRa2fPMtIiX1eJGAFq6RMWI8tJJKWogE9faUVeNDLmRlKe5fsDhfxuKSDoJ0XgNr6S7KKTt9lNay35IhJ9KqorUxVLPlxyWPkATdrX6klxkNVME-NK0Oh7t-h02M2FaCVYCrbg8WOJEoF5hTgAfMK5HtvFokcPwfr3NXo5oHCvpzpRBlJjPoneIqi2v-_nKC1Z8VZBpW4EVoc5F37ZZD3hVVg9p5_Ll4BjSW4gs7hthL38NPRFwk9DMqypDW4Ijt0Kxs8JQ9eqxicByylGs72cD-MHIM3InQYPu0a8zyed6OLWmfKLsKoiBts5K5FVIwJbFawLyWmUYrqsFqHXDyaoWzYCq2wv3EXaDhHPSZTjlrumi3FvkhSegEdJSfsybgvbBRk6vXdBi0OENJU_bXgpVhznKkH4bGHqRQI7MfMFjR6pg8dGHxYqDfu-buIRwrALNq0KSDhnxaug5TBRQ6MCNoGsA68cuDaboEfdZQzpKQ3NVWQYjZeo4bGa4wMRbUo1rZH0O-lOG1zWGzT9_gpI4oHeGZGxAaDaPLqv8iAnOSXpq28l9b84S3ZsQLbFY_-rRNPxTSoVGYq__X7Di7UDzvtkhvAJ4i8BSLda5QaYzhQNpbFxSEAWDI_DeWsVhvyS-36DAyXIdlvFcKAe1kuuu1CZnj5-mKa8EGjFneAIziDoqdV2WJgauFno23M-AJ4z9cTUyvAUqNjuhymPAhL7M9LUe67j2j39ftDzqlYCNuhTl4aGniW7ac7tGC4Tq9zikR1haHXXvSz8yUqjwfQF1L8uGo-gZgQxxIXjAAHkpmam2QsSM3sdbNQ7ZOfBDLPU5lAMywMjvsYHXF7E4HAH7VHe7TbEDzpff42RON88eoB7Xvs23JCmrQ7dxu5ooil00whmtxdg1VS_gaFTKHrsPPH-ng4qLosLJ8jjSOQANQaUyMYnyTApZmBIIXubUnHGJKBTVbZm3YXDL-TaQ39-AghmVBJ57NgAxssL_m2HqCuHBuriWoxaqOY_ht0_ftWbkcpHpgZ0im41mDhbjDok-lnJ7IPtoIh69IKcqvJnrLMCpNMiTBcjJgJDFRTqEx9VjYm0M8mQSIudnRFl2c86ugI4C_lCWObgDKE3zLmYFeMKwEZ8Z2j0oi-OQqVNMTqNmZTsRBIg9KZALAjGceCrkhJ7fhMDlwVhy35do1jEqPto86RghAKPzxhbCsgwAVx-dayK0v7mYBgGOjRyVaZw37kPFp1LmZDCGjmK-jBrJt79-3OFEWZkn9sIA_ujH-jkMf5S_pSorCd_aYNMmvuOU76Wj6a3oYNZOTsoK5T67HAQ-LMGuma-SwEuvtSu1xdQm17Elg3feIHe8_AJXewg76Oi2_EGqrB7o1O06govTp-il9IxtNf8yGCEjGbWj9_ex6iqxKyXII8Flcx3cJedvGW4P0RaNhJjfXXt1ADvtRxrXsxo23PC0xQ6Sr9FFX8E3z6rnc9aH99_VhFLXj6JAFRpcSCMyVoZEslF19Ggn9c13biVKmX9BiKabu4HoKmLD2da7X_0lDB43miteYzg7RbAvn2T6EWC4q1wod3QIeHjzpX13XVMjEYHtDX__wboUpFEmVhjwa8xbE0ipdMD19ZLa34YkulsuE94mBI0CqqJRlzFx5c1ZbffIly66Z0Rq9163WAnENA5dKrZ5b23EGY9FmKdPAusA_hkkA_k8WWpbk_wot0ncOEbRF-38lM1V7JPfBI01xMdMF5Vj9eyNQekh3W9rRsqzu6sKHU8ilm5D01LnqXl1cC8y9zaTOQJlCG4h6jgsE6pTAAHCZ3hbEPfjntuq-Vt6000mnfzJCEAcMzWLYv154YuYRACHIuD2U9uCuxPqQx_VUPncBhh-s7s5fntjHHG87Deeqa0eGwR_Se-ZTc3wQ9jUzpGcv1A-dHY0BlHZoBFCmuGoc33-KPSrtCV4o0Kv0eNuAxpiU6u29IAS98vTZcq4CcII-xQlmMXelgOdNjXloLAJrpHFpO5JdQuAIjaGkwhWglGjhunDyPCcjekr17FBOP5zgnbEn-r4-X_Kw7WlRg83O8WPBypsFZ8mV88u7ANQ6GFRqkC6KDb5urlXJo8Nj70gWYPzUZEbGf4ObaOhwPgDUGxhfZtRhQ1lmi0TQQBlZmbyuMHwKBZuqwO1CYtc25TpLrB4lC-PztRs&cid=CAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9868 41 KB
15 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E521
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
915 B

35ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUx-2SOWXScd0j3lLSLrYUFwtrzRjWsKnQWLFKhsnbA8irSBe8M3JlPFMbe3Ai8p4wGYaLFPNnQk9eI6qW79iEppQdbbASfaBmfUOz9Ism2yBqLHSv0hHbUdoVytraJIxrvROmLXp5GQASy1VxNEctdi8wXp4j4aOxw3cBiD6-Y9za81SM
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144684bb16964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyTUZg3jCswMf9ncHylIj6iWReBQ7Q1AWE7Mi7h5h571JSw%2FmbxKP2h12ET4D95u5RZOXW4FpZA6cmxMVdTmKrHWn4iefehB6gL6EvNt%2B%2BSuApUG2677%2B24EYyH0a5%2BdZHulo5%2F%2B%2Fk05XA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E521
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwwMSCZBkDYtJjyTecgg4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1

43 B
911 B

37ms
37ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUx-2SOWXScd0j3lLSLrYUFwtrzRjWsKnQWLFKhsnbA8irSBe8M3JlPFMbe3Ai8p4wGYaLFPNnQk9eI6qW79iEppQdbbASfaBmfUOz9Ism2yBqLHSv0hHbUdoVytraJIxrvROmLXp5GQASy1VxNEctdi8wXp4j4aOxw3cBiD6-Y9za81SM
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742144696c8f6964-FRA
pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH6hrgUkrfaT2BbnS0j%2BgUB4hyC2bm3lEGxq21BQjONbvHIRJ5QJTVsu%2FhwOOmmOYu8P2xTox30P%2BurdYZjg068a4sEgtayj09h%2BJxX94%2FPE2R8LjhUHepUiU2h9RK0Qk3KGtUvUnT9m6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBp7hHDYEypzdHVjnQJevOI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E521
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

43 B
1010 B

7ms
7ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY9P6pXTAB&v=APEucNUx-2SOWXScd0j3lLSLrYUFwtrzRjWsKnQWLFKhsnbA8irSBe8M3JlPFMbe3Ai8p4wGYaLFPNnQk9eI6qW79iEppQdbbASfaBmfUOz9Ism2yBqLHSv0hHbUdoVytraJIxrvROmLXp5GQASy1VxNEctdi8wXp4j4aOxw3cBiD6-Y9za81SM

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 00efcd57-8ad5-4c1e-8e1e-0375ddca3c41
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHwOXzAJvcOkJtGzywuCqd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E521
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

170 B
188 B

21ms
21ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8c587770-8ee8-49a7-90fa-b0407b29cc01
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NjU5MTgzMzY0ODMzNjQ2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 9A6A 30 KB
12 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq_6SBLwl_yeoHkW_TkneEY8BEQmQwAsttacwZ_82htBxzRGcIaQ96JUO4A8HDRym_AR6dGRBNCgnPTcXQWKGU7CwPXGfDLA1Pf120S1g2ClUxvaVpMn8FIKex9tCSoO1bbTKwG1R6JdAve0Ro8Wq1UCofrw&cry=1&dbm_d=AKAmf-BNU61HHfpi0KwQ7HBZFR9BULiKXTAd5KXznTlsuloUEh8mXlaCyaciON_HKytNj8UWzAjFb2BsUGeie-V4wqtYt2-fIQ5yFh6TzEUpemru4DEIQdPc22AQZ4fV-QLsWqzN6aIJUbEsmOD4pLjBezxILJ5wfRJRSFvpMw4YOQQj1IWr0FnT5gBsk_Nilf_8Expdm28B_Kjd8rZPew0e7nbzdq1cPqrE7wkSs5M6cNRT6_5y0h-tr1VEZwE0ikJeui1sj5K6hRtFmTdNj_pI9R21RP1ujpO9wiZyOI7_ZZ2UZnkwQQVCKXZHgq-Wmk-mNyjFnhgkdNoTx3AlfKuRoF-Fr-Ks8hvb1Fu3JJuc7V4Xx2XJixBjx87svoujr4PfMBaKlvlpnMZ_9sgVkvMtNSZteBQZTkX9h7kb5b_joH40BSVZSDwCL_tYd4ha_7RYM_CAH0pceshMrLLE93--6ZCqU8wk2OzwpEVoSvvFfFkzAbIkDcfqOUjbnddTm4FHRpYpvjJpxaL3ss9DydARyZioPzNrNsO1YqdTvESbfAJQUfKgjBfx9XAb_QDSpuK-4JoHnCDz8t-sNl1hq7a9wVvZGWX5E8NbJQZzh1CSjZgQdHxpoKex2G0Dik5VOrrBBshbu2Yaih9hc2cQbKcE5pvjTamZ6hsc3tM-LKWv5yNpGEvNhMOzkmjAZxu9V9ToYdKx3P6BGkWniBvoPzTGSAf_lBp9ZyYPfGrCrrhYn4-nBZ_hq6VZPRRnpRoV2pOrbKTkvQYwG3Fp2Fl2uy_oELf8Z1xLWBP5JJjDmbjyEImDke-JaY5hmJ-hTyd1cv5Fdo-yGAgIHQafYTkLsVHMvYdSmkOYYUo_gN0eaNhStgcV9niXhXsm0wS046PsQK5FQKJ5Vtoy00Xp-nTESM0qsvHyurN0jTmIJD5wdddMSYss_b6ouYZYTJeDB1U3GKNKbe334EFvIJ6a85Smbkv6p7SJp-G534wnJzlbB_yY4NLc-W3j90FQVh5CQ9ZMlTi4APhY-um8FXol8poyDUoqDalV4BZ7XTz4eusilZ2cJIkVaZhXYWKpjPB3HxX_WpD5Nw8fN5yaEyo49iKR70n9cx5Vsf8iErDSavyVPZkxvYIlWG2a9efvXRSYIIlW1MJ1VABSSx0LPe6dDBvF7t2bw_SeEPMXy-I9-rzuuNCTeKNMVsprebixuFU1aJI3IjGd8L73MUh83qkZ_yhHuSSIaPyXwm2_gU37HKiRs56C2WrmZjT6QeZPdGZFWym3_9lYuJ_7fgDjJiUWLu9uT_aE4Av26JgIvQc_7GT7t4oVtmjSGvBrPluIr8_isoN2zg0UVDKJgZX7_rsRlSTUorlu2Svs0wap72nNOsPEljEpx-FlMtvQD_-kI5tkQf4IS7r-V3D_V4vmbDdUvQOWwKx0j645zLvCTp-iTBLp0CRNwX2MgRiV-zY6bKQ-zE9SHgLsVkqnx-pQEUo8cQPV2xFuiL1cNGm3uMKR4HNetwvK96pHoNYtlnEh5e8Aq6_KBTQz5qatWNXaTAxZUC6CjfzYqqAKnbLZU7tbBDPFf55kEVUQCeIFIhTs7vGNdU0yWeVDTc95VsHP-0JyAaBdqm54SBWNWcHmGGSFVuV-K0Jcc92tzwyTr0o7bsxTleTEcTc63crYiugEdLwAxH8j2G3GNFNA6chc5jIWOLqHKA4z4MTFaP6N-VKCqCvTUQmGqMcNMaTz5sRFrXzKDCq3bfSRyjnQXcEziKOLbjrSs3gEL-S-Ua2VhVixCOLT4EXCaybzLwN8aAGLsbb_TFys3dqn4OtqC7U1Bm7VNHT36B0kV6cK_PeAkw7ZFc5RGQXONt4Aq2ilWJ_i54mA5q7-MXcJCvLb6lJaPfF3-aL1SRJS6kpL4yFmRy7WW6auII_FRdZeC_oZZNpm1zNh2dCXKygIFvgMdjYpkJDHOFwilyE__DU89s34vn0V-xakqfXQFNpnibVoi1kWDw4wG9qQlxyrEg91djgKyWwWEZBIwEmNKlN9NTSnh4Y-W1a8e1N0tPk9Umfy158-5HPxwezr4YOAUfo4illkIg06O_DqluNzTz5uNabtEVMzvq9FdnCbBXlDBEB_DZfg2GVD0qDk26S8p0-ma2CEbWwt_Ay7kF2uD1MxlqSM-ohA_0lrbr_HhxxHNjBqQ1HwF3ShhMwl2DRi_qTrwKdlCVwMO7qCeXdxyDRh55fIH6Vm4qLSX52ljc5cMKoIBHz6K1r6q-dkk3q5DrcirHx8y1sk827ex0K7rJhlAI4YSHyputAkB67PKATzgr8DOMscNL8B3JT-TCinlQorWJ5ZESIK_K9MOQgXxbGd2Snn5xKoUA7Aaic6GpH4tCIR0vSL1hiFx5dW2yt6YoSOKn11SglCjm28lQnYhcSRwuvt-gaIuvgy_5qHFwfKl4DJ91WvznBjC2By98CTXqVazwFEiEsTEE15dHNm5x0Er4MonF94gVFIGz2Xqw59iOMmGbhifZ9lF9zRPK2KUh3Qu11KZITO7Fi9f-p6GkSvNodqFyOWtijw_akin6tNEfurmFG3sck6o23o1f8kpROtFdNWIsluHf63G2R9WS1sf8-PgMg38L4-t2bGn6UxxeSkHIDGhI6ZPeH8XvTWTKTsm6vBX0lh_4XdJ6Y5CYGv8XbImPcE6qrKzUYYtZFMAB1TQ6ZSTniGLQeX2MyoXuXMPLm-Xv0t8oqi9Y_1GMxBhiatLvNKMaK3VJ9C7hL2xwcNcd8yetereJoYSEYc0NNHiJgSTMxTXjp0sqcRcQJrDRhzH9Q2632K9EYPv_9YiuHAIvQgNicMGI6Oy2dmnOnf7Gi9TyjK6zVCineWadbz6PI_2YVyfvEnytHBfYj6by7CDz4-mQL-ahXZ7nNbGdoFqBDECDLJdKfoy4tFwVsUO71FJfGV2QhsaVvx2MeB6XhJPDPH4ksU30FA7_qqm3n07ZpGhY3xPex_FRVZL7q7U3qYsi829AG8dXVIB-5xlByq1tUUBoDN8af9Zpjp9uRXexgasZlNSwop6X4KndB84oe0-v-0Lkf5snrHimAb0wefJwDpu8AEA9R-CiNPyZSZWajZDt02hSsj-WsarLlFR9yv5l7M_L3ZCy1JRheWqaMiXqtzb6JLEovElXoihEuarGLLbF3OQ2qjhv1Mbzdpfvi7VkuSlxy9-ecDx8OjyPPNlRMGkXF6V6luGMCg9_to_FKPxj7HUV6uarNbAjOejIHVm8tAeKoS7m_Pf9oOddGE20entY0XePTGUN42IwHM2rHIZA-u-uVOsNZuhLAVDEBlv_7DsdD_RQ3eu-y3kYDuQ1yxX60wFQK-GeOvTF4lZ42_zisoexxQa1KG-qZhZxp3cPR3xHZuJy-GRC7f5b2jOzVLBgvYz24Mg3g_Y0sddkz8UWaaGcZfOzHPaayCKm9pKZE&cid=CAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A6A 41 KB
15 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FD00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWpIi-0e-81QGfsWRUI2VTTh5xx7Yo9MtiGHAFAHaZjmz2kA7OcFfrbMKv8Cu807psKucqMeQJsbvw18nqLi8ODIAISKmtDaHUaxjfm0R-olnqdfoFRcyrJdF4C-HQ_EyVBvTytlG7c_vBALo9HcEWc0HMlBmhyNcdVyIJpOCY-c-UIfdI
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame FD00 43 B
120 B 50ms
18ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWpIi-0e-81QGfsWRUI2VTTh5xx7Yo9MtiGHAFAHaZjmz2kA7OcFfrbMKv8Cu807psKucqMeQJsbvw18nqLi8ODIAISKmtDaHUaxjfm0R-olnqdfoFRcyrJdF4C-HQ_EyVBvTytlG7c_vBALo9HcEWc0HMlBmhyNcdVyIJpOCY-c-UIfdI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame FD00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1

23 B
172 B

54ms
53ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWpIi-0e-81QGfsWRUI2VTTh5xx7Yo9MtiGHAFAHaZjmz2kA7OcFfrbMKv8Cu807psKucqMeQJsbvw18nqLi8ODIAISKmtDaHUaxjfm0R-olnqdfoFRcyrJdF4C-HQ_EyVBvTytlG7c_vBALo9HcEWc0HMlBmhyNcdVyIJpOCY-c-UIfdI
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Aug 2022 00:46:01 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame FD00 23 B
172 B 172ms
53ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWpIi-0e-81QGfsWRUI2VTTh5xx7Yo9MtiGHAFAHaZjmz2kA7OcFfrbMKv8Cu807psKucqMeQJsbvw18nqLi8ODIAISKmtDaHUaxjfm0R-olnqdfoFRcyrJdF4C-HQ_EyVBvTytlG7c_vBALo9HcEWc0HMlBmhyNcdVyIJpOCY-c-UIfdI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Aug 2022 00:46:01 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 01A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWQpUkyI9ZblLbQ94CBHkaQCfP28g-ow_iHh52JueOEwFqzS2vCLMIJWtXhH2vRom2UFcZyAEoA9XbT63RERWk5ipfE_XqQciqqb_m4Mo6ojEbi7_U36jJANfnBGZLNwgslYJ4C0KMWWcnoQ41RWIFRRWW8opw1KsSJtIAveaIl4Zdo5eY
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 01A0 43 B
304 B 49ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWQpUkyI9ZblLbQ94CBHkaQCfP28g-ow_iHh52JueOEwFqzS2vCLMIJWtXhH2vRom2UFcZyAEoA9XbT63RERWk5ipfE_XqQciqqb_m4Mo6ojEbi7_U36jJANfnBGZLNwgslYJ4C0KMWWcnoQ41RWIFRRWW8opw1KsSJtIAveaIl4Zdo5eY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 01A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1

23 B
172 B

144ms
56ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWQpUkyI9ZblLbQ94CBHkaQCfP28g-ow_iHh52JueOEwFqzS2vCLMIJWtXhH2vRom2UFcZyAEoA9XbT63RERWk5ipfE_XqQciqqb_m4Mo6ojEbi7_U36jJANfnBGZLNwgslYJ4C0KMWWcnoQ41RWIFRRWW8opw1KsSJtIAveaIl4Zdo5eY
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Aug 2022 00:46:01 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 01A0 23 B
172 B 172ms
54ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoef4xgEwAQ&v=APEucNWQpUkyI9ZblLbQ94CBHkaQCfP28g-ow_iHh52JueOEwFqzS2vCLMIJWtXhH2vRom2UFcZyAEoA9XbT63RERWk5ipfE_XqQciqqb_m4Mo6ojEbi7_U36jJANfnBGZLNwgslYJ4C0KMWWcnoQ41RWIFRRWW8opw1KsSJtIAveaIl4Zdo5eY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Aug 2022 00:46:01 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F245
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1

43 B
114 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNX1lUnf2mKKe9AvNhCwXWzTT__hPVyYtvPIHWXvwvO_-HOfMX7nKlKeWe3qZJWXQ6owTpU0YF79yzSV2uGJL3kYxuTkiaT7-tCwF6_kCfo2vm6vk_bNJpX2SmFlN_ShkKcu0rZivNe-7QIACbw-0z09ryKw1Qxkvs6-n1ohcUbBRtBWQjI
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9cNgUjDYUgS4GwFRSEV0M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F245 43 B
120 B 49ms
18ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNX1lUnf2mKKe9AvNhCwXWzTT__hPVyYtvPIHWXvwvO_-HOfMX7nKlKeWe3qZJWXQ6owTpU0YF79yzSV2uGJL3kYxuTkiaT7-tCwF6_kCfo2vm6vk_bNJpX2SmFlN_ShkKcu0rZivNe-7QIACbw-0z09ryKw1Qxkvs6-n1ohcUbBRtBWQjI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F245
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1

23 B
172 B

139ms
56ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNX1lUnf2mKKe9AvNhCwXWzTT__hPVyYtvPIHWXvwvO_-HOfMX7nKlKeWe3qZJWXQ6owTpU0YF79yzSV2uGJL3kYxuTkiaT7-tCwF6_kCfo2vm6vk_bNJpX2SmFlN_ShkKcu0rZivNe-7QIACbw-0z09ryKw1Qxkvs6-n1ohcUbBRtBWQjI
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Aug 2022 00:46:01 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOhpbEvRW1yrw6BRjlBcqYA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F245 23 B
172 B 173ms
55ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5eL4xgEwAQ&v=APEucNX1lUnf2mKKe9AvNhCwXWzTT__hPVyYtvPIHWXvwvO_-HOfMX7nKlKeWe3qZJWXQ6owTpU0YF79yzSV2uGJL3kYxuTkiaT7-tCwF6_kCfo2vm6vk_bNJpX2SmFlN_ShkKcu0rZivNe-7QIACbw-0z09ryKw1Qxkvs6-n1ohcUbBRtBWQjI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Aug 2022 00:46:01 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 312F 30 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmGz04WpY71J_pIEo3-trMm_E1Vaujpcrm8uLVMcjt7wDdf0LLwQDO2lyFZTAU2JhgpyAGY0eb_ol-LRa7zyeOMisB8kdPVwDsLQWUI1MA7kYLaCn9HwxVRBcIAvZKLQC13ClBqxVIJ-3cfWppqwEGYYZavg&cry=1&dbm_d=AKAmf-BG04tGjuKSeNmEIweKPtSQ7TA_486_0IvLrJ6ex_6Kj70xlNi2QLAvOfup-L7u07Rf1r_a4bzTvBURB-fPlxlx14GvylV5K7ECivxCkM8CjxW6LJuOqUmCTDz5_M_KRb7avPIUxcAbozV7GIPn6MUv0XlauJE8nIN56IWhD_2rn-7XS6Z8llJi-s4A5YSvywuzXcN8UjfYXL_ldpD8CYwUTcAgiRBL2ZxI0BslcqloAFujwt8bSp8tMPge0H9-d-qjXZ1ovQX7_lPwHU9Z2gozoldSOuHV0arCWdiydGKUZcsdu0wsJbTusk5tmW5zCjlj4j1xuC8zA1-KXcg0Z7IQrIantryQmLvPdX0G-tNkmtNo9sqevshKV-wBCRO1qakkjqttLiv6E1vma3kFRgksPPCnTVyKrpH-W6qlNbr2c7FUZSoxVAXNv14Jer8F9Rj5cQlopU9eA4u6vAanz9hRRjxyiWdPPasDuowiOhkQvWRMh4OJwxGk8TwJhcldQAcqbxVDVC3PGEqMDyVa6aU_nX5gJQN5AJXNj9TnwyiyKFzw2RxWnBvy1jxyNyoy53yjzDKg6ttijswZg22RhWkRs47RI9Z02WU6-c1WxPF7FU8aZ3ZB-Q8dyFR_qoiu5VQ1_zNTuyHpqXS4b-JC-ml3nY2CeYvdncbtTPWQisJbGSH4NrVt2S-tkBsiC9k4-3M_8S_fs20bI3stzm50dvHQeDebJcbeZQG3HPbwbbwsg8tW0AMGMZUPPUMt2ReDy8lazhopNlOHP-ezIu2VGUf1_nBnVOTInQSIj2UJONueWpLriGqh3cPFYZsrlYY-RzROT7CaiKEFt0MoyBHa0NnWC4PJOrNfAPWpvtyCEblxT_2dfG7W8X0PdCvvEbIP7f8FbRV4MZBKM7Ybw4x8_Vnttzz135BWMuViAN-CT-vQfX0I2yiGXioICqd4z3PlYSaVjoaJ_i9bmqjSWj8VQ6soVoMwWQzOZkW4Bjy-QasKnjqPQTM-5qmxm4fq0uaK9Wp0Iak62WvEmUVT0trZIOuDDj5BSuvAleBb7_hC9Up59IgR3CwbfPVPlAprxt1PSJwTBgBf6cYfmsSHXLcdSWAS4Sk3lLp8TdPKjJacb0tXIPD2p1GMNi2-FJrjK0lp_VCgR0THHHtkobB8jtnccJTM-rW9ZSSY9WyYNGIWKYlRzM3t0N3PkQpESE9aSEOSvPQ4U46yqaj5fOHuWg7cmuScTI8jfVD9FGuhKytIctA8dpgOzA2O7htprdB5qDTY7AY5D5Mt-AqZywRq9dv_bUmFcpuVIE6fT_fpktHCp0DSUJD9fP_5YRpq6hLbOzQ5phKS124UvHjITW0LeYU5D-UKRuNqngPzjT0JN29z5rSzPnhZ9BHnUG6cloLJFeV-jykJfgE2aU1uhE2aIg_8N0PaMtsL6NoLGfwyfkXevTG0GHsDjKuQ_isQNH8BYe0fzNR-C-qUZXrkCH8EmOuih7erqOE7wceFvjv_5TZuU-IxHiT3lsELVsioxcSTbVqiiS-5eb6N1IZpBnkb_zTLXeJAII74ZTwxzxqbcYEYxBK-AZRGqPoetxuVL7tEGG0y7-zpuE8I-k4W6yEyJBnA7dFUMjMtMEFDhquZpfqY9KLaC2CyqSErKbdXh-LsUvR_kIfaQi0SPPcwV-g6AKGpUOLHLEGdvEtfCOkDy0DgjfmzOjn0QMs1wWjdSh7BqTFnxgC2GR8S00NZnxBzXvapy3e6R6uxwKhsRYQ5C0BnZA2r3ti0X9acMMk1ocS2L-XNgvAjwKFpiPpb8d3qm_PpkY7pTqjpf9sUBCunPySHQ3SIxhIq-mJn24Mv85rHN3Mb0DDp06plY9e0Xoy4PrcwWdZhWZSvXDPxATE6pPTkS0iC25bL7LAyRreg-9_9rtwCzlNVAUAfbbFdTEwH-oGDPwcw9A3sWK5ZfjzKPiurvmZErR1vLizlRAiiFNQ0SkLxph2u3Ha2L2OOk3IJtZfE85zo5129j8v6DLKj4ywsNisZ39YgDrWg9LMarbf4WnVmrnXASrce-my3MEcNZjMpN3nrebInU6FLfBhAsz4eGxG6hXhSaWN-DVqJnYBxBbsVZXyimZdtdBtaQxyN92LPAjcvHQ6j7R2ax2djRae3Af3De5E28jKUO1uK2P2aYBkawD7TnTnw9GEumJDBcBjBSbho_pxhmxDb4uLqikAVQzlUuq75xK-IG4_0Gl9jfsJgR6KMofjHuFUp7rVzi1MIOH8ena4dcG2n7Ty_gCiN6ooLcGXG0AlekVbHhiTtgIMJBh2RztDW2rcAVYYVr8fVcpDUbJrFzwgoUMAsv-ZsjkwTQIFV4tITVzD3JVIIaKlbMhVlm_-W5Zuo4Rywy0bhk1-m_JPCboG7JS-UZKzLr1yFwU2pyRgVYVTPNMmI-ze0NSFkt_eEzKDbaNmGbt1evHdLUdPo7hLlJ6CsSu1x2s7rqn1WxvHIK7MALdADP8SsAw8nkaTsdxf0w4cO8-7Kn9f0msNF9utcsqbQmw1EyTWxrixusZx68G03nqYuLvHlcNLOj8b0Mo1QcSu8YUqsbYvb9KcWsibAk--MQAovUV0VNaeSbwPrsLaOAjXj6B9U2QDL1jmWgOvRDhyKpOSLlTRtN1KFKdR0m3wPDZMHWjXo3zE_l5qG9l9SHNk6vE321MYsCqVUmuRzTs_p4ARbNu-8xMG1wxDUy75CSWe_WvUV17_9yGiNYOVgDsaBIugLWz7-I6RJdw80Ug7JNUK5jZjXoNGxNAXvcf-09D3v2pt4eWdDwuQaL_SLqGuIjmc-wI4EmMITqBIVjWVDWr67TMIZG2AYDtGUxXAZIjpnxh6cZ9G4XZ_HSg6FrOBWj0zIYWIxRAU47KIsVk4Kig1nofuOvbs-0WKfNiogcrNrERmZkCyDyj9OybOXvCCkdDw5or-xoVxBpkGnxZBbZ9uD5MvZrpiB2K652C4uE5RRjWKIHDo_JG8yZaHZuqOOhTa09T8TIr1plJGz_-j9_Dr1ICrbYczk3K1LJO6VaRwwSU54AbHJhaAq1S5fF-m9i4yIAG2U9bs1UP36gwMCC9fvL7gJ0i9qQFu6K1E3JsBSMe5_j1xRmLHymPNDtphlyMPVBHwFdShFQkU2mqiAQ-nG_cHH80HYpRKxwoFzVJRHMNtWb026GDl_AB2JvY495NYTqF33dfxgXSmoeZK1i2ICGqABXXELecQ1UADrVH8q_5xiPqWKy-CNF56PJpYA6rfrki9yfNZ3nz2IA0WRBqMZp7rNaPoToY5U5e4ZgYClbo8ll4VXDjsac5w3UaMIZ_ufMrkvmhDRB80fVvYEezfgQxApczWRrUNEbxS-BhBhTSLpFeYyoNFxSdLsXJnl8Qaj_wwia5D3aboonlPSBpxD0kLoJB0Eiaki_k2cx5wLVy-szapfAxw&cid=CAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 312F 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 7C7C 30 KB
12 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4VJRNVPmdl-c8XGr7u3FlRkTpVHBT3SMXDUdjsPQsHTyWtQWapjtugVOvVomMEz5aIzSAhPyvjzJYJMuMJhnTDEJyBE3Gx764nRgTvkmYD3ERoMj76vExiaJvvmQglYUrQv9gckcHR1Avn6y0Nnq9YGOOEw&cry=1&dbm_d=AKAmf-C85n8KO8FCZTIFbRwppw8qBYXPMb2KjJJ9IEHycpwyPgFSke2j0qMk14mNbG4L44Xpewf0ciwgTYpuxTdHXx220OO-CGls3PChJWe1hBtOBBYzloM6pZkUNYmiAE7iD5yqBjNpwST2JPsJuW6R5_Zqm_dEQXsT5OZhysi5uJrnbImBJKUQbphkYrcVHKBG-5MCH0ruYiUa1449ygcNJPEwCSGUJvQaMREj678yndetUdIbUfhLfE2s8Bn_gSgjnlF_JhOamhTzXaUMxs48CBLc7cxrwrhBuNjDogrUgJGqsia6BHZxFoVxhVx5sMN8lR71vCF7929_8ImkuAcqO0SDdxR4qIuRmiaLlw_BD81YwnO5UbQdiHZP5HCl97Mi_HvuX4pVOkYJdVXGSQ0YeyWTKeq6aj9HMV_VFznF-_lFYsNbrLHDJ_kPUJohWVC_9ctlumD27x4gGE8ossWs8K95dl1eZtT03S0fj5fYyjfDnz8Gfaof7kAvtHPPJTGxppjvqsRIaZuDlDeCnqbrRddTpOS0C1KYut8SlmizNd1DOgCbT3lR7n9ROssIuoMFfBMP_Mq54htUgdTlEqbUJG_l7mq1HvFQ9HcTiv1GCx_PLtWaQUKPwc8Wzc-pUVqZAdiZFcHzB-HthZUsYjBAzK5WSRkkRnbkPnGqoaGbKfqaJ2TFX-vyzSwnvpcYyZLFyMhynInQs2m1SANR0kqbc_QcH6-cukyjkEffdAaduwDHv-kN68JY2K7lQ-BkBWxEdbGE2Ks6e-RrcOexBsU0V59o-vvawVU7qZe5hAWzV1jayp-ysfgkoP-Lymids6VAP8jZpOIbq-Qbe51Abp0cQHsx7X4aTLpIHv3DEv1uirrYVHhPvC_Lb0VNWRz5Rs-JKmrmvnBNP-HBRyRYPrWHeR6OVKE3GGlj42UvE4HEQWD8GNKvndHEEn3539J5R9Txw0Eeg8VOd-XiixpFVch7Oe_rnhxxluPKVXFzw5UbSlOHXCSjHnnCJuSg6WqMC0DxQ2B9lxrD84ZMWJjz1TZSW8AQ9dA236reqQSD4TxcprK-SevGzGVRbeFqvifUffXJQ2JNUPTBffrYoEIjUgmTzQp76c_cMwUyTJTBe58Hqh33wEdLKqDrbX8KPPT8OQ0QzVT55HELRABkcA-J_6SfEx73UzSth8S8RbFZKUDpsX4bj2iovPg9WNFxf1flWKjQQpgf7JRbPnvFu8mjk6pk3l8fuFMvQTWKpx9EVP4gLXvcZUuBQn5TBNTos-JBsZ2v60JLzKG_j2JYrhElge12WJeyYlm8WtrH6tYMPWkrr4GLwO1EEHSkp7nQnNtDtC96axG2MgTOWbU_v1xgCcV4GhF872P9RUJrSe5ltQ_K1CdqycvdTBeDskVe4F_0UoPzYyatHI_EuYOkyGZd74BlYZggudLvQYMB8cmaLgtT7v6D-cIhVMk_U6WSle575IrulEbwSxyRhr83KzgdoTsZqLaA6_jRF5lXxWk2DEdGRvRYPgI3zPfG4A4BF-yMwP9YFZpZswTM_CCmmhy5dZ6IrU3Ze9yrAYlB3vxg3SoUMI3oS5zxaB1vAY9c0LimRm1a4IZ-GJECIc9MsOFzRaFzqPNpngQBxwHnGAbseBGiSM4asBV63laDV9LZijHazdZsCzwjlwxQbsXD6PJc3ZBzW_RdA1_FH2GJ00ZOiwAMGzRp6L6oTizNuiMdm1XnC_3EcnlGEp8NondxwIZ2xripyzxbJHUcHJVze5kgIbhUP_A4m7vLCOgY21j2ks6QRpMCoLChYyKx4o9IsoKBG-E5T8TwLGADECWdc6PpQyvShk8lwgxg0iVjfOHNYufK0lkgGirIWpeCyD264576pY27iuWsAQqwN4H7z32m-QLS2_Od-ZmLds0zmYl9eRgVCnhxLBPBtY8jeng2dIveuiHV72Txrkrkd93qkDXVbY3Q10gDwJXknLrn9hMuq3u_fGmb7TQlYFEXm4KowOBcvWC9zzfHm8YGWqEz3lUbGhWnhnqv8wIbHI7WaVWP8uSSKSPZbvj7pTrAHPK3a5Ueu57j3QQc9oWSd_4RvEJUYV1dEpH-NHtDdjHjOnaNGK6xTQMzQxjcialmbtQn4uZKsUl8zpNd7DF0Zac7br0C5oeT8CDjRr4diEalKp4jXp7T-Ftac8dFm_DG4-DN9iIc-tTVV-rWzI5p3GvcFFS7_y4idwlh7V1LXorg9VYDlPlEZlCwEyllj7X4yh38MJy3QGRrxa5ZJyDOTnSHubZjZaXJnqH2RbaVXRucztR6C2JpHC_A2PynY206bMCqK58GneINSyUduRS-joZOXhQQ6vXC4gu_B7aRXJ3KTLopk-nv1Ntwzox1db_OsfwcFSibAYMzCEEJpbWq07m93a3o1d1oz9Rmhi22C5l41_4lqJ0DyTvtH75ZJ5F6_DlXdb-8iPhvpnu1A9xOe5THb1LCpFaCUqkqNj5mvAOc_AfLhdFTsxlJ55CKjYOBr6X1seAPDVoPpzkZxI5Zf-Ej0mzHN9-rraS3WQOwfo4LMPxlWkb4gAL4GNY74S7AU0PpwERGHs5PGvbaPgqIAsmCUK0av5hQPqTuxQdRisuQ8iNKpNj7-_CHOYmxy8O28CyWTkjSpf8VdZqOqV0BB9mQwlCIzLasdiowcN-pH6Styl31W8H3nGONRFdJ0nap01GIpSC3y5zGeZQMTCPPeXj7bnd0JXkl14GIk1Pgz5PqT2UrwmAw8v51ow_mbze8W4N5rIpsRfB7ieGHndb7PunlvW3N-ngHE7-09ryMRaPl_K4eyaqWFT0ORr6SpfSIZtPMKT6F_vlXHoMx5kMT98_yI7L9IhVWjDFExbaVtF8usoT7SCqy0utwAM0qjSCG0dn_ll6Exk116yCXdgRRbz-On9SXYpnmhzAT09ZRSg3n1TfoD76n5MjCT5NV068jCXjgY8QnNfVbnK5Hy3RCXxh5gq0-acc9WFNjBzesROTyAdFSUcGU-bU_to7cN5lGbBRsjQ_gvlhe2sm1-BiEV6whzEnpdYw0KoC2ubBkmCEPsRvcSt5Ks8_nCMWQ-XhCe8eP79ToSKC0zzQfnd5dbcHBXVI-M_D5a-Ai7LDCrcuseBAaS66gqA_tEYK-VQ7raNsMMbGS6DJCgWlzqgC9ENRVZwmsQmjsZWLXY7xCVn9gOZc5OAGCvA7lSjBwWNvYm2MVy8AbuF8JexzGkm_n-o0LvZvpnBcqjqk7UbqWcYAJuGiXoonMJNXJkD_39hxjJm4ErgBH1iSNITMai9StcmQ5EmkmRx3_TbQDJpGenx51Afo6AeEm4GGTRA8s28CxX8u8un5q9t_Z_3XgRalPWGNuEO4GISctYLJldgKuCO9TITteUGtiqbefgtrQBKFqATWqjxFseNVCCPtZmsXLFUKw4mIYyYqD5hMigwqX0jU&cid=CAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C7C 41 KB
15 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame EB3E 30 KB
12 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARGHqF2EKAGhRBmCYtloAMaQfPg-5GD_UtP2ilM1maX2TqsQPzR8Ojlxv2KoOM2t5xJ91EBgrVZEWSWEd3_flzpb24awgMqOJCMf0qIznr94N9v8MSNjcFsesnp-jF55am-22SrFbBaBzG06p3Rg3LbAEOKw&cry=1&dbm_d=AKAmf-Dhs9s2R43KftPy7G1l2ww25sJfwt6D3QJ4B0e89fvYUwI32nAwcFVagoOqI7N1rMc3qH5Olv3r1ti2dsmx8WQO9ybQcIvEcHEV9a5KpbLnsWJRVakcLzCocP4UgQiB4ZL--oKkt6XXUWdA-nuM8BJtMGuLYao1EXJ7oGSDUwcfXSqoKyQZ39-EWj7gXKYSBi4-XvxjtoqK1jlcMW9Whmwrj0majD01_zhkWDaUFNjzv5iLw6GypGrU-tu3Zx8nsU3_Jjy_RwrZJ9RyeEnqHUSICHppu2TpmJsNCgp0_yRkKzi1mA_xaIl2_L60jb1pmP_TOqNX4noxqMZtlicK9ERdAhDdfSQynlrRgDs5lrccAsQL-ZCpeT26KWvzGZKPKElcxJiZWAwQ257CeFjwXbrj2Gni3PrdK7J7CSDJZ3nx9w4XBHafUeg3z9fyp7s9hzFgWuKohJSYD-m-2dZpLVRFCUxmStDV2aD5QAzWv-xjcv_7ZLqGyIuWWGsU0lXajTpH5IYbr8m25pGB-VgEPznwydjVbgWUgFEva_JFkukRBBtafCUCQN5plWQU-L2Hp2D27eKuRaxfNXRmGINAh1AS4VlX8CDkmkWcYhmAS2GTkR_Dq_cEuijuOAazzWcRAu5j87eb_9oawHVu94Xevbn4kng8IfNVZ5E5oT1BaFpL9l8WG5hw_1GjN8xBLE1fK0tu2_eSbvb3yOBsGcukl4L3RZ1C4ffi1nIKklfargxPxSGEH6m602WjofOguG-rpFXjy1tubIAvHNo2L-Kqc_cE6ro-USZMJgf8s05X_namiY4rMZNNJ-XokUqkYYX557q31bePMEsa35HmGH-2EVBo5jlm22YStk5IpXorx6KcDYCtCX4BAT_egG5sAQNPf2cU8j4pKTh4E6orzbdPywDpc0CTPtaTZTE7ndTe-hQ5xniKVlG-Z3lbyoY-Zf9Fqw1XhhxesUuh_QQKxMwMLHVEvr5cp07oyrNt2Ixd26cs7p1_X9m4i3ax8LPR7iH0xZW7bh28o8_xX5Xo8jPcH96TxHxdAbhxnkS0PpE0S8DwrWKThL6Rb_yhtEOYVhi4OCoNl3pbqzFyJVqmdIn9nb8zEm6WEqrcTmCwnuynkBNPfpLHC4IzI2NlqWPdljVB3F9b7VzVVBwG4CEcFQ68yQE2NSI9vSXgLaK-0ZVMuA1Ftg9hVTVr1cXt_qm4wzlg66P-n4fPNwtOrZy2Z6egM3buv6VnSsSyZN8sQjsj7kgqKveG3UIJ7XIw-q8RpCrgULN9lEBpdcRZGdmySqhipnMF7TSM2YIe3J-_2wtE-bXS-jLvJ38qnJPbmgO-uW-f7wHKsonLV_g_L5WM3ZFwYlWitSNPguRUKlubFWrinuBajvpBuBtg7A-dxG_xtvRYQc6OvuBsIK7jjRI7p_rSLLVEun318I0za-vq5AJ81m2UgJgwuKMYUjLaAOnbbgiDWBkypoPRlolZF_fcN26rETB5GuJS9DCAYzVwIbScAv7N-DgA4uKRnKD3dPQmFwHHsXmYf-JWzOR6_zmxwJysr2opbkROmgZowxz-pEC2t-W0bXmMeaDdx3D7kE0h8BTVtiieMXNhq25Tyr7gSll2FkRdXogAAvbv_L0kLiTCWKOqxNZO9DMpFLukNDLOAbLe-vQTtLlLBqUaS3Kt_XeizlnsbC3xvmmS8i2hwbuVgNrXXSen0F5kr7agToTROdO2FOEb80H8t9crQFnBj-Wt-g9A0m1tC1HDSdB61QXVOMAshN4AJOWMq0LyYfXixLsF0R1Pdk5e4nEgMwqIPP4RlN5NV7bEY7z1vDVUbisDxkGU3hP_6p4KDhpIOtMk1K_MflC7vTWldWj_gwBpsW3VYx6ChESBxSAQpoyvafmwXzkVBJ7Kh0AI0Q3VMsEyiiI9eXrJh6NH2rwEAEnuZnESYpppLcDvl05E22Z4oPuyvVjr2iNkM-sVvNT-_QYZ-ZX1PuPV5y7fqAlLYoISZ1n7mexSCg0JScH5HbSK2jh4STVgrsMLCYwTpTI8IBXDaT2drIRMWtTR5hiXO8TWZZZxho4-dI21oYbig5SwR1ouR-MNwVVCM_LwNIs3uJ2ghuLO7XivMXPWlEs94ZRdwHkSFDIzgDKEUtwdwhku91mYiamr2NNUCxXR0lJN_a4LdmOYs67niD_PQhRd53i3OJJcm7PN8pDUiSOTYtgqmOO0Yf9kOxlwaZB8ATbXH3FP3Rg8pF95mLj0Y4K_0zdxMRyYiJ1Dt5ZhdKe4PxGx44yXIfA_po_LTeFAAK8JN-KdQ_FDQNP6LyB9Zfh7cKlnLpkNR8g8TPp-9VkiKqQrvGnBo9_Mh9YWwMQKIcuInyLuHrtT_DCWcogZUIL7Axu3DeGAkzOe5aaV5hWLJWCfDo1DRgHsebk48Zhhtk9DRW4Ea_DlDJndEaFh0CXHhbpLeb8ImRv_zgKkgxVwgKvynRtnVaTll9_1HDBR1itRdsx5RXDFhdLWH3RqMYIekhkIf7eUOTHu-FOPprjz4E3omoAIliZUnLfdW9quU_NuUn_Au1T9si9kWp5v7a1rkMVLURIxQ3A7iNfnx5Tg2wR2keFNq8wQAEWILrmd9RaJlKxagyV3DY_yypAjrD9ZHHXnhBLBNd3P2m1-4EY7sW2U04wDKoL6VhljHbCz46OOf0BUk5I89JQt_0t5xv5OUhGs5GuMfRIqCrkdKQZFCgrEIOi3mfqn0eVchgcrU0QJdzh2kbq9gFvJZZLqzuXSLOaKfRBZtuloCq2kXBUnzBeo7Se2oUM4YmHs_-r3wzi1MoKgtNfsjfbdCYvdn2tBqowtBTRe09B1PB3Ne4kFeYhJ-x0MX_iRNZoFitpFE5KRy2dDpcuDXjgy1m-TBReSc7115vQ9Wv2Zxd7UOIPvxXYzwrlG1NsbiFDZ_k3aXCagscBcIcbgRSp5KOc1xlEQUeGPOhErqFfNsVczz9lK0tUW27_JdxRKFpeirDQ4_kqBEHcCePYWrooBp5eR3mCcvRAYJotaSd2GPrb4dNjZN9vl9OSBItJXKhBZm55_CN2FOnGcGPDkewewub_-FwKpM0LT6LIVl8AXbyXstJIHyMjSbxo9EQ2sPBXsJ9gqtOeC1sm0qxeVoAPGCEKQEJFbtqTCdm6RttrK8b2sdggDk2turMQItpXdiedBJelQzuJn4YPzSEx1t_gdLY_eWweZxTsV6oqOFowXfUPcxPpYWSNcIX37u8LK1FfAFAHXXx2qXtLnktY5f1e3rsJtaaHqpYIM09j3SMzK7ZEIogfcTpu3reC_cwNMKguR_uP2vstAbg9Dukq9DC1oVWeRya3g4LB303tLzBk61PDoId0xHFvfveu67uzaZxYlhLZFoMRWCXm92PkbBCkSTtPKimBnTXvcNU0PtW0skJKZvh6vbH71DfULRBchxRJ3WyI&cid=CAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EB3E 41 KB
15 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D652 170 KB
59 KB 58ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame D652 8 KB
3 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIhZJXLapZSLCl74iyBOoBzmMbLqHGZOLqd6-hfcxyiUg51nCuzsToEoIpj4dQRrDs6j78In4IuiuHEI7iVy9XdKpAIP6DPT2X2JxBSqF2LotP7ol9541tOIVhPjrr-vLsYDbskeCRpnEsP1AEMsE7_XzUeQ&dbm_d=AKAmf-CaQnMavMd-D-WrmcDEKeU37XZXOa59AZIxwOEtca6F4Op3KD3GejJVUwiN9b9H4-4uIOAbNHn1QhcUcVVGR70oO57ce-pDkSUctQcWtOqlO-h0WJ_NCgyBIu-WKIVCBjHg2S0iejtpBwVGMtR2hU4mHR6k0BUoy3Cjtr3oKJGgDDmNB2HiOd7S9axaCJKZJQQrVfM5pnNnSrZuIFvPIuV2PF420bbf5nFqw0HYMXpb86txJ8UbcuLlPLdew5kOE-j15zkQ3ppQalLGjDeXzSV8O79T5hr-nQyR1SBbwDslOHWaykFfxGCOVHN3Ft2MqUg-XtuRhH1vkGDUkDXukqgCTOh_9mRtxytvAgpxEnRcZRzrq7LFNkgAtasH6TZiXd_7gVJDXEnyButfImMW3twiOqAxSZlY_I9kJzC47JB7tQSz5KqLJiRrdU0vZxD-faBz7VoYI1OU6puRCT3BGD9o5x0mA3bGcRe7qjaDsvKKCIis6jKoX8MsML3hF8WPxeIvfsHrR585R35E62qdjPGRPexF_J6e-GzGnwnA42d2C7ESwA6D0ignqLGcUgba_HRekFQvLNhlMtvuKMtXH0z8mm4b5glYCmeNQRn_OeUtHGIVsOnn9eAbGmsgCd3CCRA2pATvWzgzQPWbl43lNueExxNx48c2ZqgCBFb8AeqFjuOPwB669NYXBP1cTBBTKn3JdDQj68TIOzk8Ck7cktFQbuYsFmAbXGG8jL1xEo3ea44ZiC9SNOTtcYbeY5uzbDMMQpvnqyp8IHLJm4n1EreXUSOHB53sRn3Tgtb9GC69_eLGODucKrTNczuU943EQyvSngD6mKA1JiL0w4fDKRrhk91c1_bjjdpBrMQL5Sp6oge4DWxYAVmsBV2K8jSbQ5sQNeScXE1MfPpSN_5SUOlNlY2kVEUKYnDTOtlxlmq9o7pfnUBrwY1CvFlvH-doK48T5jmC4AlNvqNXw8GThWC-5ko1NfsJTq_EqgpMtsEHeQB8lUecydg-5WEv1eSlrWOSCslZHZnFgtMaTGqi71YlECQYZbxcohIaJdHtVS0pXPsLXMCZyHgZIulxReJ6ncqw15hrX5PZtpprw0DEZQX23mSU3QjmUT3ASLDnSS4TfeuVSgp0hWksrickyZOZ0kr4KxL8mUOfK023QwwOkUoeMafxPo1MSPY4YGQImEsLot0_Uy3sVIL4L9fsb_O6jz9xOAw_PtbB1UoqPXb1I-4cisnf3w5HWwQG3A2gjOg5N-k8dw7_I-Cr2K1ivk0adpFn2eN6yDc1kxHQI82td9rWFDCBfyxkTd8-z6-rcYil4e2306QjOBaVPnTqjJCfjUXLrpI_N9Gt0SppaGfkPh4BkM7UKA4LlNjV00JEOmwq_DY6wOe7c6uHDMXQssuHvnQFgUMsEwo8MmY5bGVYu4UMPwt1wRgCizJLGCvmrJnGJlGsy_YzOtysrBJq25doT0ZjFkHtlQ6TYLeLM04NaF9YjX4BigPZobt-s_3XJBdyviwU2qnfkqu1QFEqm3hqmWbuQVDkfRMlyJ3qnb9Jsbh89G_I4bus2xkgBTCnQ8fD4wTLwFgGSFfr17wh4X5znsyjeY3zPDnkvPbQhuBhfbYf-aGTikDH5kWGQB0lhycBBVP0M53hZqVCv6t8d7_vchbya-x1wAcaE3_rM5nonjecJwAm0UPcqqxPhJplM9pF6Imi_tCTpQmByJ-S-Kpvo74PH2pNTG4064HhLdTltvjLh52RLPQWWrg-KfNVXoZb68vDLifYOCjh1gpCb4SyfBFMbkdSh5NSXdTjOckffqK5AeWBhnXNwyI5kVU1ki37_krukuY8vyVsiViNpoaDjfbyW7kBu-0RCEx9M6g_Q5JTdb7Q0kAbmdu7lhG5DqETRrlgBHV74_GEGjAcS4JgchxKPyX1DoCllqoPS3gP6w2rTGEoBW9gvDdOhi1DNSMzoNu91hJGXNMUTD3400uHtT09VEvuKPYxDfGkbQ4ZmuT3h4fayDlf06GXK-6rjoW-Ay6HTrKO8Mm9lY253h3VdBEufjOVd_7oPf3smILrt8_WTDccMqf_zoLEylJ5qTIWz5uza9m8D31phy4EODqahddeaXKvwrpW1vDrQV9yoBnwCjKSoUWl-XPVnuaIfAlNUJgpkx4jxuvNYJ5MKgbOJMv4BFSLGoLIgnPhcx78nlPL7EdIvUWLfgIaZI4_BXtwqdikmbszkAnAwxjfOUKVr_4CQncmwKZvb5R-uLZj7PvVGWi0Akct3UW0ElSoE1Iz_k3F33ccMfLnjlep9ZvGIqoOs2Wzkx6b78p6E9tHEdF6i_98xRU-gp4UqjZi__i5_p2YGZhouZOhHReD4DrGMc9Ce8JFgQHlAn4Jp1pycorEW8ErU1heZ_gOhekEnYv39uuWv8DT2Vnw5fSxPPPJVJSYHTatZup8riZ_IeM5B8y59JeogHsqYCGBuMoICBTyLb5zKVbycrumn0DLoi8Z82-HTFh9RL7iC9IDnlK7Je5V7Rjhfeh_YkGJC1cvuuzBVGujkTeUOR-2_W-4R49e6jfphZulj_5K-mfxdZDZXV350kmEp8DFSQ-NymKIXhK0hVj8gbMfXFo9pYJlXgickcsimaqlc64C2Qd3-3itqZLcTKymBhXKZvf6RgaQTj58omo1tU5E9JK4rFInqJdWhHaKQ8_ZfDnVMvoC-TyxhoL6ktKPskCp_RvL_BaXrhsqR_f1cyuG49sUak5SB_jZm6FznM6eTO_xdWhxpDgCkGcg8wcAHadK-7YKsJE1NzUhWIjBRHrJRZIYTpkJ16zXVRkL3QnlOJF1ox6dBPLa-haN-1IW1W58abS1gB5L7unzBFBIiK5QyB_WxPT8I0LEFsrwt6kojgl3gKUD6pjdqOaleUwqMxM_DGKBvEDkTUBruyVkFi5kZQ9EpRfOR3gxj4lDeVmQfn5svGDiKASehuXG59PZWlCdMZ_YzEg1ALXrmb1edKL-FKudgWKOKJUJkJJUve3qbkMx14zFy7Z6lb1eyOMCnnTi3fwndkxOfJ9C5qG-T0Tvm4bqgtI6d9ePQ0NmPyyuts1v0E6jboUoopErSWqq2LqMPbUECKI0nr433Wu2H8w18H5xX5wh-jcKwYC4GoXkB7EhhrTl2QvtWl3ZLMQgmm-URoCjCdlC04WIrXr0Yh-LI0LHeaL3KInkXitVKKSsTv4kkZWgmyG_KE5lcBj5r_x12UQ3hEU956IHBXxz4qRezfpBT4whPE_OrGc176eE3dsu5f4jf40GgXcjNKljVwUt32M-uAsEMjIYxRRf2NcuSb_J32m25YcSP_FGMwL4V-Z3gLlU999IAvwZ0IqBvg&cid=CAASKORoVjinLopX1Mntx5fgghY26MTbrSCcXPuSPaBbmnXGpgsUYmq2oUw&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:35:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:35:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame D652 30 KB
12 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 387C 170 KB
59 KB 59ms
14ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 387C 8 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrvpM3wXXP60_AaKwiTQ6w83aGD2sC1VnXOSspiyYAQhBFxOtwzBfCCu6q-TjaPLDCb9P50DtTWVbu8aSUmszidiMGd87AcoQCd7xK7EkFFm22k9v3aTsS2alnmnOmo9c1HyYuPFd6eBbBsN15LAzP5jrPbw&dbm_d=AKAmf-AjY_NPThDtUoAIPcONvY0J5vPp9Bv90VnoH5mORGZ4cI_ncvBnTrD-yuPXouJNbJ7V1VtZscm12aPkvYIARQatxdGXYFdCo71QK-pD_GYy-2ZFEhrgl0y44cv3T1_S6MTTkQ4f69hPfuRgtzbT4t6UxG6msQyehz0rc5Hot4yapUdmfFoFfdV0zRAK4cIbLWxxu5eSv7tGigvjBlSaJ3hQvAgZVP6e_6i1yCBQmzyM0ky9YdhfShfeg1cv_ltQm0Id14744_TCqRQ-G9V04D7X4gb6i_Bl2Nqspz3vg7moChsJzYtgK0HYUi1V07kSr6E8xuFzgcV62if-pESw7LGwhTMa1hMXCUrI0dwti1BWVIfXweIrIOSLquvr0cwVykI55DGDUHhdgaO2APdZRg4ru9iA2Ca2ZpjP5psIE8OV9Uws_itpLGbDcQNf8rif5OSqn6IMmfr2ggQ3FlfwioHoq_aJmF8fgqJRZrled6918h-b5tE_bOJkpuDIYQgiLXvuFCXIQpro_5aL77yqe_LhgA15jaUWBiuO4-X3X4Zk5rwb4N5qcOTnbd7Tu_0PzcOhxgaspWCP7LyE2UdIqZhjFDm68ML8PzyC1Eu-4afseHppj-LHPIckgtP8IW2aWdyRWXtSrXf5rJ6QRWev0WuEEbtMowI6RS0IuP9hJc47b25F2LqowZINAuATnK2J_iqy5rDAAITUJIjSYx0qu76UWAfKPBznwrxdKIJqFkPDTdhIdeMA-HtGYQ3ywBuzxtDQXZMgh8Gs2WM4B20trPke_MpVv2Cvego2mwqZFmd8wMpcnRXqNWn680Ff4eM0kLHWOMMJcoeXQsw_NWO16oEcaouqwUbli5sxQU4eAuqK4u1x9uglmBiSdoHXK-zlJejprFud-1cigZptmHY1mbwXNKcF8-aYMQSIsMobSJLGYCpESMyIXzpNmjpHPfnVOb-sGe7i7kUd535NgnlBR9B6BxlNJD48Rx7S6PUVZ2lwdO9QCgkHCAu_L6am15H1IwM7FMPaJtDiYUziIMyNVFi8rejA4OsKGHIHL6BCU-hu4iD-XBjtmORA_YIfOo7g3cvloLZeyVKfAVDoDmw_KpoCoTt3oE2GwmP_ZWkIXG9SVAbzfQj6-6pnSFkQY19HycAQZ8SvdWKdKa8o8k498DpmKoTTDLLjbUTzwLm3LqCj9rVGtlAKJqiJESKYmQlBzQ7d3kOSHU2qYwjmZDzEJEbKK4WrS317JhV7wqE9tXD40EpW8x1cQ0ZLbqu-HLC0C2CTPE_CqgqhZx-G1kz_z60gMzoQS2aOVdJMssVj1cBGn4rhcTU2lIkjEDL_b1r_AMALIu0z9mes5lW181UZS5AoIV9yvTpZBAmmlqDS7_NYBGB0AgYnW5goDw-4oHv42Sv-d4vvSRApbOI7LUObbWLuwCUbD7t4s7f0HNHAN8E7qY-p9rHnmOhLsjaCqdSY3X86Un7Oxm3PdMKsOIXRxol_LGGz7nrROsJsQ-oVFSXC0torA3mm81EPJshu1rDczTnxYWSSGmDzMCc2xOqjlxcE5XGlFcsVE7O5KNW3JgY_NzEVn_dIU_-GfA5642uRjdAAf0Dm1-WetLmVjeI7ekUVc-YmjYWb8fxFjOxwi6oMemb2SFHetPgf0nfhlUlw2YnVS_n3BfJCiPXzv92-BW9gRXnnF0Uz3YFo8xv7mvKNqtNUK4F3_Ydh3ZQUub5_F6WeAtSeyvxH5WZ3DgDApPPs-C3h32DlT1VyOox1C8QQQ8okOiQd-TyOVfBc29tDQMzjVN7pHPPjXVwG4s9EEgB-osvlMll2tFMU2uTV_PM8XFfmG6l3KPuUierIIhGwhHFB2V6PUUM7pMx49Yo9oO2KM_oWj-LwQrv8g1W0gZ4osXduqQJHWMSnE9AxIUp7GWWGcn7piTMroWpl4k9WtGzzMvwgnRm0ZE7BAZc4YlExvXotEf7tgA-J4RG2tGW7vpd30rdjCGpETMcX04tZHdOS30SZ02kYS2n4ORZfsZ8yIREa-C5OK2Vn8LaO9-6FYcHyQroQNFR_7JUqIjq22CIPuGVId74t_SR59EJnDhv8RkfbPRXOSAo4FWYpC7yxnJlMdCrIqs0D9FmCX5YSjGjFnb7JVvc-D7NVaHnyzgFldIq3WTwWEwWIM_PqtCyCBjZIrfkOighu8dmkuQYE0HZaQSqI5i3OnVjYXCK6_VC45mh-LyATCE48f3ONlBloEthJqEvk8cDXoD-WoBorx1E2M-R2ZJjm9UwHnh5lurSttK0R47axargux0C7lP3GHdpItB__gZlUPrmdc-NHSldg3oSfvY1qhkMhbkqAvBsNAJi_xPgkJtLEeyRAA-ASOH2jB9WIyZcRhi1GEDhnnuNX5WxgUJV45UEs0RA_p4hx8Pdd3xX2fxdXYjo3539qS-p9gj45qh3NMfaKzG-kGbTuOS-tzxCRo492uN5TyQ9sTKobFTg_qi5M1zpti2s658nQHZeyji1yW6-v7rMnC-6U4ILftPB905C3ZNlBRQD20kGqebJS4UDqhKF6JRGYGz8j5r5S2MzwPZAfAQSuRbPMWA7wNQ7yawuGcGPewZczQqAhIqJvyXbDHIu-3EvZd1BVkIe6C7jihiZMQ3Uw_QZRzGA8K41I-Li5CCc-Lo3VOUVDCZj_eM-CWxBvM7EfSRv7mYdcAtOOE_Kbmjgcdx5D-GHfFWypiqHscNtYxRW5FfTnle2TCfTjSkBDTDpvc7gA5iC8PXYJ8pwkmd_cii7FrIoYdJkM44Dl3RSDiEEdyBN7cGs8d3kIdWG4avlRg-dJ2CWJY-HGUUI9B6SkJNwTZgMM0DVmgbGPTEc2E5c8vk7db8XWy3mLeZFsDisrwNzLdvldJCRorVF9Sp3pjJowZHXeuSPcjanDuNT2Ptt02u1lItd28YffvMxKxpVr1En4hcyqDi1wk4F29ANhdVTS0RKkuZwoIz8t7CknxB5_oNNOitby_bdyjPIt6lhw5JPBZ_FE4iTg1DyCX7EnQvnDve0N2KXJCM-58JSAShkpqo4gv9LoEAtNzJ4aKH7Wd09581FcMjLhiYnqsNyGr9NQHxLFPzDlQMV8hy3gAe4A4BkAbjq6IjoXzUugV-esHnj_ZyXRMsewsorfIbJs9_SuhqFU7UZ-Cb3N-aPtwz1JNJwpfglUNVOSnaQklw9oZnFnbUohrHO-GkR2ikFzJhiY2xdkPt2NJWIz0DKdMSvaCeZCadTyFMv2H35qi2UH0izKIzNDfxVJvGJpF6F2l4Ky5s8ICvCVn74rtA0HxcGbCfsFv4cKpJUYKcC0qw4yOPp2sF3BVnFpQc46zJeazqALEGlZRQ&cid=CAASKORoM8JBMvP93iAyvImU29YvQBi1YEcx9IKEwWeLnI0-xqj-C_cfmGI&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:35:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:35:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 387C 30 KB
12 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DB4C 170 KB
59 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame DB4C 8 KB
3 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0vGZi58aJywb7lD9TnR8L0NIwTL0WRlt5QYFrhzcHF6qplph6pK2-jsWbQSr8e9JxTr9ra8-zWP34usZOolSk2FtYwt7R84R7h7Hmcgdoa92AMxLTmcqyoQR0KjR_Zfpac4qTPm6iHpmAuGIKW-ivpQmmpw&dbm_d=AKAmf-D7IrHOnNk0k9WxPTcokMiNt-bhQMbUzdVpR0U_HZGFFcViNaXGz6Mn9tvtEiCdFRwllx8yj3fgvhvQUsbRXpkDzF-kja7DimyE4qo-dnoRD1lajVmMpG2tFIcnYdevF0bM9jN7F3Gva1P-K3x7zdxZeRrNMAVCeYNLtyrNdF7mwSx9pJue28FP77ukGCFT8pHbVMWh-SXVZaGWM0Qcu_QgTMmzupFKbYQ9SRfM4C-TcWImVKuVf_205iTr3heEtcVQqPtSSdb5lrNL41uNag2kVjahUEwo18mjSvsn1Q9V-kU3OZr0xJXJYrXrjMuUpUIgR6hKfrhEnYRm4BaqgfHBMUTHHFU8boEBXq_pRFOSiZ8wYa0MvKLqg648n7EyMDKBkwVS7mmLVADYWg8EhI4MKHGxngWDPFssq5m06MKd6PiM9vz7ieuZYJo8ebYtYwHTRNsSJatrB0pFCY99Vpxxa7h51drrB1q_Oe7Ex1wUw38B6kJB1s3AZTyfl2GBSfMHWEnDLFx1q-39rDZTN_Sd2N0ZIgAfsTPf-jmaM38-2z3WALMOKi-RXRM6H2_4nTuHvjTcLN34ifJt8ICMjTBQzjIRW_SKgsvux9y-ChaPFR-XPPiEmAKKZc9n7AdYi7wuO3FFqbfrpBYYcQSHtOY9R_cSt6pO0WYdryZ9nOY85TKv1CZy0Acz2i4KNDVhhRfW94LQfP_N_93FHBN6b6uDt7tzzfMDUGYp90LvOFbFBpfsnRnJUgUP6DojURBJqptj7Bbg9Jjm5FxHIg_A56tytiMxwy8wwNwHKgO8MIJj3l7hb8HwxTm3zpDLEWrzqpJFcKyzE6yJMALCGYbwG6o3C88CetGkM5I3nmIMvHgKrZSDb_QvYcODxS9Fvg8YSVlzuGFsl2v7RbwQps7NJuja1aK0X1AyL0Lqfju0K_B1CzqxlzqexptqAuz0w4qTd2cLvQr1agaOlHWmxP4gqQz2sE8HQ8QW3y-8Cje9dpKbMaLVqfnf10cqqOEyE6xaiNUqDutx1_U9MqQyvzC8vhezgpsJfNJ7Ue3Q9ghcuwDlCc3sJzTjUgjlU0G_FcGOgEdPud762BK8FVdc8IgRMJx6aGHfCqzByJo3odGBQ2R2Uwni9yA1aRTXlgrAMUjCZqAn-eEMazp0KouC3kTJDokYm9hy7I6a2tmE-E7E5MpJUe4_ZYjj2ff4qhYXGtA8c-Pyulkq_WSc7mWUdycwNXSpINHHl03L77flCdbWqoNoVeTALDVQw9JNLPV0GUqveX82eV0-kYkgFLyvI8VbM0cqzpKhN-wOO8ZM35SAJ7YxZcANc4ee4bs_xSPucXmv5cXH0nVMRJFwbFWVpB0EOYcYq4bCPl-b1o_TZ6Gb9xle1KFTUyM5WUEysM5OUQX0mtcoXCWibRYflKV4TG_3bsBW4RRQFkwa0V4Igs84p-KyX_FS6kenbz33eUc9UXSaymU2olwffZK3Fdajsqiwqu1Tn_r-rjolxgG9aRJf_Bk69o0JK5ajlsZm0kY3lWTOxHBg2e2leAverBRWZKIpaqylAkVyqMjYbPcGtsJiINansGfb1Xlo_urF5rQBcsckjIZykdF2mjxcVYD2xgwjgiehGVxWRh2otO3Y6LywTUHPPS_KYvvM3zs-i0IdE5V5Riuw44qMcTYaY9RmPSQNpV4w7e6h7fgfPO-3cSg59h3wgwFAbs-CHnRsggCCr5z4HSkG5Ulu-eGnuR4l5MuZWK_Sppt7LmuwzQeCsRJFlzFdMWLMKh75At8-_jB5ZA_Gzb-c5Y7ip_NJHGTpX2BqIQDAnnqUY_46Dpt4ftY9T3hEJOKED-SnAL5dnw6UabvlR_8mBIiky6mFz25tWOr-rGVBmlc9tisC5Jyf1F7PxA1LJxiu9-A44h8Sn2LilyH-w-TNm_rIXvgVy2Ng7GXYSu55b7m6jBL3M2cv83C6OUtDjp8CFlYlzXa-TtQiHT_Bpgf7qO1DtUk687cRwNAp4GDZCHcEB_hAyHRM8diCr35oo6lgVWbMhf-R-XlMWiWW36OsEtq9KqxNVDalq6NTrMfc3iaOA4bgsF7R2GOawtzi_tY0VO94OoWcmKw_FUNXHqlH_auhn9dOfzwzv4CTEYP6UtBYV7I8DiI6CRxvSqUDxi_lyA9gulzxdGPV4XoVGTZJDGRtNlwAb32wArsG46VYjrfKIK0YP98qnN8FKnRaHGdFrmsaHfhi-ITC98xMfQJbnZSYY3L-p7ubmSa27neV6_XV-eD7yt5o1C6prF8z3Lvuif9tJ9hFTugAZNQqRAb_gje04DO8eOAmHC5yIkSRjKudSrQOupc7brcSArdodx3Klhh29yzal0oXlxGXe6o9fQ3UXNSQSFTPFfBPsF2j2xiByukBoo-xpjnlsswMQbffY42Vu4DrouDJdafMOT5uNgu1V8S21cVq_agJlXC02OPQGA_4rAAry726biFStkD-aTLwP0Jf_UO5Sq7eML41I4OFAf2l_E7HxpnfeEd9N18Xowk6aCkTvHgNkurdj99UROaxTZJdfDdRNE0iE3uAhz7rw09cGihFzLY5Ro2cy6PxjLMRKS1utHgYQz5CVoOQtabu6tXlmV_KF8NeZDTVNBT4pb_cvf8bk8zFWXfrU-FkmwiGaXLnD3BWt3tCeh7WtyLJY3ns0fwat9BdDNqYEYxFrh3l2bkuU0mNSmVfAhrM_ZKh_Uh05hFaDKDR50Q03M8cbD7WwVBBjEcKLGbLDwitP7adqrQ0yU0uL9BnWND_rD0-vcyPezwvUsnnLEdUEndP5hUEDTAO3dMcERbnHbTyXcuQ4wzKKDydlG_ZHdfdZUQ43VNQiRaTIbyD8UDWu8TsReVq6lLaAw6wz3CHITcIwiKVw4jkhbnQgbLlWhm5h9cEc2sPfZHT0l4uGcvNURJbcDWpFKVE8BUswE-sFMKWE9gViLCdDrUefANF_XkH-smms0SkfMB8qh7Uz2tNhCCp0KfgX3LGW-qY_jvDXjgDN42sw9x5aWZLoL3xN02GxeOv97wO6wIDxVVfTkImAmfkI_bhNSLZVhUXuTflBQI0WAYhBoNFkqAbclTCcLeDCj1QusDsLFRzD6l6eryY6rrIcTKSuuYLUUJypkM62RJOuFlZUrTt18u3275UW_RTFZh-A5UQckgVf0eabsX2mmhiwMk0ezKA8TsMTFY193y6vGhy4PTUCGMeTIyl29pmCvWGdYPoDZuB07ozXncgc4Y7Dc4o27cAKU5bOFwIjh9tJNeFg9fP7QhQZgVg4WS0xl3cYfrwHShYhcdcWQQA4gM8nRjEL3x3T64yEmg7mizrRqodX3nnCaVJf_BKwdfYug&cid=CAASKORogClGphZV7TcTEMBIq3z-x2VSAT7lH65aM50o7E6YLA9OUloER0s&rfl=1%2Chttps%253A%252F%252Fbongdaplus.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:35:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:35:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame DB4C 30 KB
12 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 00:38:07 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 188ms
21ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 29 Aug 2022 00:46:00 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1135
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK 4as54di69f4s Show response
hal9000.redintelligence.net/zone/ Frame 9868 11 KB
4 KB 40ms
10ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0e08a4b2dad935412be84ca5b57aabb165a589bffc3d7eb746450ecfba128822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4039
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 07kjbl94dsnm Show response
hal9000.redintelligence.net/zone/ Frame 9A6A 11 KB
4 KB 32ms
8ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/07kjbl94dsnm?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 86fea61899aa8fee9f8a560761e0e672adc50cc6efe4d863d4917239e794d057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4040
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B0E1 22 KB
8 KB 12ms
12ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 07kjbl94dsnm Show response
hal9000.redintelligence.net/zone/ Frame 7C7C 11 KB
4 KB 27ms
9ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/07kjbl94dsnm?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 65c270e8fa2f237334bf1931399d784288beab127d120120697dc51cf5276f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4040
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 07kjbl94dsnm Show response
hal9000.redintelligence.net/zone/ Frame 312F 11 KB
4 KB 25ms
9ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/07kjbl94dsnm?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 139423b0348cf17467e5739cf89277d2742bf2ed586d0d323980cfac9f3abc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4038
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 07kjbl94dsnm Show response
hal9000.redintelligence.net/zone/ Frame EB3E 11 KB
4 KB 24ms
10ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/07kjbl94dsnm?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5546d0ff1b85d0f8f104dd5ab27e302e9ed1d4f3639aa1699d4bf5ffcba58cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4041
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 69C5 22 KB
8 KB 14ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 245D 22 KB
8 KB 18ms
12ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D652 41 KB
15 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AEA 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 387C 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A3B 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DB4C 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
DATA 200
OK truncated
/ Frame D652 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c1935591afc24072731b4586f475561e8e977a36dacf5cf7b459a14adfb7b05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DB4C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d78dbbecd229d23f3438cb0692401bc9dd0323a96dbbff657687849c153f7af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 387C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3440de1ee1bb3ab66c29563e17eb4bf54af4b626d1c5699cda704802a4f1a92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 9A6A
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

91ms
74ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 00b76f924405015b59c87ce47507959e88f73faff262254f64a3757cbbe42ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95808200007473000757597012066001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1091
Expires: Mon, 29 Aug 2022 01:46:01 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 29 Aug 2022 01:46:01 +0200

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame 7C7C
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

76ms
63ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: c5524fec1e5504c4154a12b6097b8ba03a366c961d625c0147f28dbc7b16a34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53753900006868500757597012066027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1092
Expires: Mon, 29 Aug 2022 01:46:01 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 29 Aug 2022 01:46:01 +0200

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame 312F
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

124ms
104ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c5450db47a29ecefc177e0971aebf148dc086bc2cb0cdeb1ce557638372113cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 88680000006069900757597012066025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1093
Expires: Mon, 29 Aug 2022 01:46:01 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 29 Aug 2022 01:46:01 +0200

GET
H/1.1

200
OK

request.php Show response
hal90006.redintelligence.net/ Frame 9868
Redirect Chain

https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

97ms
78ms

Script
application/x-javascript

138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8990420258023&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 74f6e07677bbadba0d4f12ca87d592194535646d3bd7be6a687a51a35db94f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 78214100005187700757589012066006
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 725
Expires: Mon, 29 Aug 2022 01:46:01 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8990420258023&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 29 Aug 2022 01:46:01 +0200

GET
H/1.1

200
OK

request.php Show response
hal900020.redintelligence.net/ Frame EB3E
Redirect Chain

https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

101ms
80ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: fbc2996447e9dca6dc4afaaff217feffd2e046c5a2811ef8c880fccf7a1df7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 59070900006437100757597012066020
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1091
Expires: Mon, 29 Aug 2022 01:46:01 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 29 Aug 2022 01:46:01 +0200

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 86F0 15 KB
2 KB 35ms
16ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4a0b85cedb268e0a9ff2b7a5f6b4f6d97ff1fabcb8f68f95251b36fa924e4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2285
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Tue, 29 Aug 2023 00:46:01 GMT
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D652 0
64 B 98ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBweAFDMLiKZzRLPQU0izo5Uom0-N-50v0ka-xN-NSmizLqvONoXPeL8-WRJlt1dupRMBDkRSHsg2l4ppK-_pjFkMmyklVhjuDE-2Go29JfnabsPc2oYDmssqa7DN93NQtwReClKvN6D9OqNKOOKJBG0igqBYTtUF3_qHfVJW8JhJ__Eq2P38CoCI1Y7Xvcl5J-BPwcZBT3_t4tBG37L98nbMQbuagyRdZCaUGKZmnZkXBcAsM9rnuu6eGtKl0LU5z-oeJPa2JSW2J-hgylHNqJXEdzVNBEsc_c5Yrjy6fqdjJmb_k8WLvm6eubsr_UscMzjedadeuRNFJ99vdLKcsJCnyZHzfDGrFbqORD36wu7CCJJ_9hCVrdjE3Y3sHF-n7CfcxTW9j_TIGfx_0kIwPrhYFkkat6ymAvEeyi7MLuMO0sQzn3NFtYzTed9PaZOetGTLr-GrWFhQwUh_ndxmS2joyqQnBYLl2SAq8J4wdE_fA0Sw9ZJga9Pq0t_khPPWVSS5LnStKak8rmjS_bBFckSNQQhrRKMWH2Yw50cmxnj1-Zeh-nST8lwlKEf6PDqvwjxA6X7396NbL7PDlyBQJWWsS1a1sZEmV_cFHj4Co04JRagd8E2eJUiz6TrS8TrFoZA7OBUN4ph2QgKyKpHWNxlVv8N49ykBGpQ342dhfZtlNJY3HUaSLyg9NHfW5YZTts-_vkigriOTCK792SuIlpkBwV6TPbdNxwZo-BxcKf9hidgPcaNrji6bhO4MihZILAAEpQvZ_iCpipr0jqEpvHPBB0owwcIe9GOLw0u0XTo7nVu_SqCWGBeG0y18x8hTjZeS10foWUeKfWEEnWj7p0cCVtKpXz2NqKjK66uhYZ1FpY0lMr87glW4j-liuME98Kd9JLoRK2tZRqdyjNnsz-6JX9ocFQQGjWFUUnT_q50H6kEcG2cX7AgTxWFLc2VQ5rEuesxJplqEhoZfJO7CkB7BHKj4x8ZqqcmHDRGH5z9vYVBmFKZ2mETcKjJKygYJeDsLMpCaUIBUgTTh4WYGGUIzI4gs7H9CQN04b6eiK0OYY-30HtgtxYQOxiO_7y1uLw83oMCFcjiS5mS0QC9ubs1qYXmK6fmepN_yR02AXwBKo9x3CXB0eKS79VKgO1Hel4d-25V5loBdd-fDoK2_Dxx3s2ox3h6UoCNUt8Jnud0R8dVBAX7XkYZVUabeyZkmhdwTrgseiSuGXL6NeGzVKKi_L&sai=AMfl-YQ-77cXujNca51zKYPtzb0Hs4Cn5GVAjKLbFEwDlYiQOSftWN2dBqobzMUcxoGQroc8MX5ddRP-YhcqnWKCTdFmxOcbyidBcvsDlfAkZjgC1pe2wtmgRomssVge01nnVD6_Mlhk2p8qi9Wka-aoH2JaSJ8CQET2HgY3ISHMTx_4SYdsLP3QgbfexfBNPIi2UbqrAe0Ax0OL4pWXlWy39Yw1kP7d2-NKag&sig=Cg0ArKJSzNmBkBmMQoYwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=240&cbvp=1&cstd=235&cisv=r20220822.14276&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 29 Aug 2022 00:46:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10725954732868190736/ Frame 67ED 15 KB
2 KB 29ms
16ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10981f8f2382369aa0e2033491f5b532e3e238719185364406e3891ee7339f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2285
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Tue, 29 Aug 2023 00:46:01 GMT
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 387C 0
622 B 91ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkMoyjKzFKHQkSwrPuzNvHkagVSgvo4y6S-mI7A2oaFZfvEloYfsjWcU81aBnQxxYS_68PBlMPUHv6y8HhB2aMa9f1__HVnyJt0EoDEAbfJGi-BJVUdjvqyWdwmNMDTnD-QFLrNxjpvRV-UVa6bAza-UOA2hM_DrqM1y9TzRQvwPGVXHC_4DYQnRJsL-sZfPjSqiHoC594w1SLsUrkwA4__PV_p8JKO276VS86RzC4uqJWnXsXMHlCEQQLNPsw3h-0tFPi0Ub-s48VoFZXndwAu8VvrjLWI3XU_Kx4_B2sts-Nao-f96AtHTfr67VD61VLL8Tfd6xtK2IzcZxpr1FhpsVrOpXzNKnjv_VCTms0zx061frlG97LoljXnwrQmJzw_iIAV8Ugt5q3QnMbLtV_lt6Bs0IWs47TwTeS9mqMTxtG-klgOkgYCqs960bkCrYwK7YJCnEJuYb91ISGasN_IleJ5nrCktf0Q4JSF21Bs86X_Y4IcBf5M3rxMdYo6kfjSdg1FdM3B5AfPPRJ2f8GUWfNP2ZGErIli9EzrJQ5aJcVSQGVFX5z_o7_vWwGsTRtwUtkKY2GTPcB_gzqx0FoASIMbgHvlrqiYJG_9GKHtEBYjOjHW240ivc4PgShCNDbUYPEd2Q47_-s_zEfW-B0mVdykHP0hkkvUHY50agvgJ2Ug3WBlC-0ZxDLUGfropqjcy95Y1CIEY3kQ0Qe_MneM_I3L0blJoOnWjH6mmXwSEd84lbo1JLFf-hGaBi8DEDydf0grjY3ZsDQgDiJTtLweXdxCwInee_50-OmQrFCEOokC0HikUyVpz-Y9ioN7CDvttyq4K8oothdqlJitNel9GEEhN9TrqJWa70pnD_iUxyKbhP-_b8PixUmEhI5bQptz8IS3TbOIjOlL_mVIrRlp6N9P5ydWlYMOC_aFm2u1-9xDFNo8Q9JX-DHDoeUSDt37WKZfrbKuVuVtTxvcEVKFwPTD_esEr_6gVEr0a282FrgnGcjkjLhYkAKUuJ2aUtp7kidzX2szuaaT8mIzKTfOUsvfiGmqymoTzxOdmbPY2iq4j7GUGyOOg3XCAuZlsknzy-A93pI5_76WY7HJp92g6xOzv83a29luwfPKzgZrTSbAWjWvX7uTh-165BYqc_89-i2zspqKTNr_SpKiP8mIFP56KPcqZJRNMSnGjVbSAMMigoTE17iACmUc6w0UobuGlaEieG36yrKO3dlrMZ0ZJC7&sai=AMfl-YQbS5BpxAKwEo9P0lWPQpQr23HuEE6hECXbKR46qVDTyduIdR4fVxbPVfhSOwyQUzrACNjW4vNpm99SPqzCwD_dZO6GIFq7xvgFUJWY5UDS-69FILjkWdOb-khfEs2hVKm-2ley0kg01FcZjLMrvFqqFJrEohu7fgrxs4V7dEYvV3h45DNQY-_eOFnMr18BnRVcEK_KmVDK8godRS-NDBr1z2qyQX2A-w&sig=Cg0ArKJSzIQAG_Ha1v46EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=241&cbvp=1&cstd=238&cisv=r20220822.41629&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 29 Aug 2022 00:46:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0506 22 KB
8 KB 10ms
10ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 5ED0 15 KB
2 KB 19ms
16ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4a0b85cedb268e0a9ff2b7a5f6b4f6d97ff1fabcb8f68f95251b36fa924e4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2285
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Tue, 29 Aug 2023 00:46:01 GMT
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB4C 0
64 B 83ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhrJi8kxNMtE7oT68OSEGhit51jyp2x8LGq09PfT1w9Xd2q0vHDHpAxqJX6XPY8Wr7YfCOixh63uYqXkXYZp5IsgSPMnJFqaUhJRpQ4zy8GZDD5ymPM34UiSHpW840GTzWgpzJkwHTIv7caOh8qbgoDK6pCTSpb8vNclYHmSYM3XNsGegb31ADlHJIMN9isjFPsJTzJ0-WA2UZ2yT0DDMl6fQhQqbKWPo2YWqFYkeirrpxKCv91jkdABC9zqAAVt6G82JBn6izoUgTkmsYq-ljKgXvI1hlnPCZij4cTdjAUbvYcDZ0PmYYC1E-2xlbar9S80ZpsA01MOpAKrWpj2kQGL0BT1XspcVqbp3yul0qsXEj7B-sRhajB_lTR1puErMG3BqaSaKY8Mip6Blk_YpAtg00TSeBRwiP9SGcRtVvjsDCgH2DKVNGhTVlqmUCq_cirukHeQiy71e1xMhj9chSRBPORnZITYTHe-h_FGURd_BbpYFepQ2LWkl6j_fU5Kl63TOmqdIXq1d13Usf2i3zrFXqCiqk5G6h7TFigol1F8PFeANG-YpAz9hskEWbJPhGmJ6kMk8QeCSvN5FKnco-WUS40UAx7_-rcdv89KNdCL-pIMV_-ECOPscDbgcTMFes3pABrWJ86SYRBZSz9Ti1VxC9N6j9lyu_sNjDiddrDjim81zDRsJtWeMosZiQ5lh8FPkshjHkfWBl-8TQYsGvAc4R5zUk6vjwu5BF3taKMgLIV_UKkzfmMnCmqYQ8s9D7jAa8Nkz7ePQCy8dUWTkZhEdEpzZBPti_xEqtcPxBFvQYOuKjqGW0UDX9j8_ldYd6Us8rmhjnWRU0MvPXL4j8gbWF631V_M1577llPsM3UPb4WOwCBlVHXD5E2pFZpSt7aExzj99SkBRZHKOc-gCe2bJTWUaDPz2onLrf1evQdMNmgG7T-hDXh_mOZqce-NJUXoLvBl4PsXt99zPOUj0rkYYArMny8Yb3JIiNwD6RX9bymD33XbSRLiLm_TuTQyMqQbEFOtbAmT-3eebeG2bK-R7Zz0YDjf-fMuFoi2ceinrk4jraEBt6zHduM6l4mQtxCR21DrnYsRSdbJw7IT-9AQjhySqD1kh2JXGl6IvwbWosC6_ha78-bTCG9H0hciT8Bmh1ZrF-RiznJsGo2hBxPs09_GzSWsO0GkKI7H7fyU9LwInZxdvuF667QxT3GIYMOCCkTaeShZBkNbdNVHOaSvI&sai=AMfl-YQ8DTZ7VBq8hftAraiDcYPLOcNfqk5VdYmPc81vxm5xyMeO-LjWJV3TyB8y1tw0D4FjqQhKGgUkn6UB2lwnMf-bMtGFzH2GdQ5VqqlSzHVzpawRE0BzMcDKqWLetwON-bI_wmfplbDeAfK9yRdZ8p151rQItVj3IXeNOpOdvaK3CMA2x5ly0zUMzdmmq2OfWeT5dUkuUjePhhisJsgeZpnXCbvIBPxMXQ&sig=Cg0ArKJSzIWJXXkJohx_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=241&cisv=r20220822.85963&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 29 Aug 2022 00:46:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 admcoreext.js Show response
media1.admicro.vn/core/ 14 KB
5 KB 312ms
311ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcoreext.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 3153c27085802eefb01b348d02b285449539b7b2217dfe15bc38713cc143b166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 04:18:48 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:01 GMT

GET
H2 200 genjs_ht26032019.js Show response
adi.admicro.vn/adt/cpc/tvcads/tracking/ 5 KB
2 KB 1258ms
209ms Script
application/javascript 42.112.37.35
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/tracking/genjs_ht26032019.js?v=0.4575838281343587

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.112.37.35 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

VCCloud CDN / 563.c8d697d0382742dd4b5460983df2adee /

Resource Hash

98bfc487823740fa3cf98756e8e62451867bfea08f8a6b8a848b2a74c4ef7ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: VCCloud CDN / 563.c8d697d0382742dd4b5460983df2adee
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 playerInitScript.js Show response
adminplayer.sohatv.vn/resource/init-script/ 25 KB
10 KB 1210ms
275ms Script
application/javascript 14.225.10.21
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://adminplayer.sohatv.vn/resource/init-script/playerInitScript.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.225.10.21 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: static.vnpt.vn
Software: / X3-PLAYER
Resource Hash: 2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 0.754ms
date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
etag: W/"64e6-AlsgVvW/MvfywaUw1cv7LgBWh9A"
x-powered-by: X3-PLAYER
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=120
x-content-length: 25830
x-host-name: SVR515R-NPS-16-40-55

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1043 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1251 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ssppage.js Show response
media1.admicro.vn/core/ 26 KB
7 KB 312ms
312ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/ssppage.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: bb72b5f4123d51b4d7f486b834b4fef020000100a01afca311bc99822627dd4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 07:40:23 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:01 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
458 B 498ms
290ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&zid=ka3ek337&pli=ka3ek77e&cmpg=jofjk14v&items=ka3ek77o&cat=null&cov=0&pgid=1661733959664277231&uid=1661733959664277231
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame B0E1 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 69C5 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 245D 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AEA 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A3B 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 5ED0 10 KB
2 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58da44613a9d090da0f7e9bb34f12438468f119a4a559d857bfd46db0a7da627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322837
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2383
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 07:05:24 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 5ED0 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:51:00 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 5ED0 34 KB
11 KB 14ms
13ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322837
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 07:05:24 GMT

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 86F0 10 KB
2 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58da44613a9d090da0f7e9bb34f12438468f119a4a559d857bfd46db0a7da627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322837
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2383
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 07:05:24 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 86F0 118 KB
40 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:51:00 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 86F0 34 KB
11 KB 16ms
12ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322837
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 07:05:24 GMT

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/10725954732868190736/ Frame 67ED 10 KB
2 KB 15ms
11ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0423678b64273b3ed7c54d42b196336fbf0d0114fd7b018fe3848fcc42478d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2409
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 06:40:04 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 67ED 118 KB
40 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:51:00 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/10725954732868190736/ Frame 67ED 34 KB
11 KB 19ms
13ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 06:40:04 GMT

GET
H2 200 adm_tracking.js Show response
media1.admicro.vn/core/ 26 KB
8 KB 314ms
311ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/adm_tracking.js?id=1
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: f61688005182d603aef2a4c6ef98f941f7337340e7b6db48c6b2bae62eec4a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 08:11:21 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:01 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame AD81
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=53753900006868500757597012066027&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53753900006868500757597012066027&actionid=981741&produktid=&dt_url=

0
606 B

60ms
16ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53753900006868500757597012066027&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 29 Aug 2022 02:46:01 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 29 Aug 2022 00:46:01 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53753900006868500757597012066027&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 515F052C:C4C4_91EFC182:01BB_630C0C49_513041D:2A46A

GET
H2 403 / Show response
adv.office-partner.de/ Frame 9135 1 KB
728 B 85ms
8ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 29 Aug 2022 00:46:01 GMT
etag: W/"5ca0a75f-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 76FF
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=53753900006868500757597012066027&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844595

350 B
409 B

69ms
7ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844595
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Oberschleissheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:46:01 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844595
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7C7C 2 KB
2 KB 146ms
71ms Script
text/html 52.56.49.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53753900006868500757597012066027&nw=1
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.49.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7c804f59873212b2c2bc80375eb7bfe5574ce4115c35f3fd3ba04484d14a5f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Mon, 29 Aug 2022 00:46:01 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 29 Aug 2022 00:47:01 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame D078 7 KB
2 KB 20ms
7ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=bc5b9da015&subid=&uid=503e1ae1638a110f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEMRdSAwMY7HnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0Nnim2VANp8UR3sUoOM6m9aba0g2Wjq3Jk8URL-nbrJ6vz98hb1xR-Qo2ei2UskXxuR_WWA8dR9A4iG1KSnzQs7rxAyaNK-LJySPbUOlpDRPgiBJQQYcA1Pqg9GF6hCxfT9bxORl9ZZSo5kuJy1wSqzNRBgbAnOk6jPmh2Wrh6hYzJXLiyueiij51M1D2U0JGTuOQzkQiyosDdD2HZZjkjiC6Vxgd1HZ9pZPRcd8hQ7c1HKqw3nEwZ2CEWZ44Yq83PpO7hjlnAb-HfvLSH5m-vYuLf6BsQVG2As80qCGipUCFqRe3UyIVHCEwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEDcKPyI5Sl8AqxUCzDgPJnMzL1oZBAnYuv4R-plGrTTr34zFmDk%26sig%3DAOD64_27gH6hY81Qs24LBJ_dbnsT6AQxSA%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-An0e7CPGuQGBVc8uyHXpwcvdXeSQY6moF7PvpP-0USDc_iPp97TbwGUM8DBVDKf5erX9Loll4sCt9hCNigtTiFKfZuDCI4CH6M3JBt6e0_UaeLuUJqW_0m3m-R5Ns11h0J9hFoNSJJkLVyZkk2P62q6pdW2g%26cry%3D1%26dbm_d%3DAKAmf-DVcrhS5R_rfQ2DFGSpdFAa0t1qsYUi6GQp9eOnbr0yxZoGUX6GlCSXcO-8hQlPzyrq1s8p6fkodeAaXXtAhHKyWjsET1RRUqFVXx5rZQO08fQON5BOah1Nq_gaucYMcOaHOtsbmMwddcmHBnx3MoBIH58zRiLSWRaI38lRBDhIFJJsuie9iXJTAwUW9VFVvGd_fhD_XZAyJEmvOLLHn2CEr5jK2L4QCKQmuh9za2ci-pRjW0bE9gQeTQ9t6CgjE8kdEPcmLwAA7FTCaQzdkwhlZN2EwDdIJ86NjfKlRy8i8jDfIUBy9dOiBTpvcNAIFLkXrhXLdAfmMkCDVbkhInzPCuaBo8zrs73_To8OaXb1a-x8ZtZ8Q7DRcpLiitqqhSU3WBAbHU4oQrwmkYPuw5pPk_0An2oRvADQ4Og8rYfFCN5GjOSZYzU2tGpu8zIs2QUP_W8a7piUIYVbDbSP4tPXqLlsc7W90JoXQkqp66gT-8QxXlf18NmqcS2nUcGtRkvHbjEJpBEzAcBiseAHajvvurs6mvzwP7z1uvxeUQYcjUNzQ0Zwp0VLjO1gKeJEzIlBQUOs%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=3129183823265&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 204d819ff1a70e015a9c14663beef905e6d60312d3b651510e15beb1be7b783d

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2028
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Aug 2022 00:46:01 GMT
Expires: Mon, 29 Aug 2022 01:46:01 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7C7C
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53753900006868500757597012066027
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53753900006868500757597012066027
https://ad-server.eu/wm/pb/native.png

68 B
312 B

140ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:50:13 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F052C:C4D4_91EFC182:01BB_630C0C49_5153BB7:1F22D
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0506 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
DATA 200
OK truncated
/ Frame 7C7C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c08b4b19d3e685e573be8c23b4f455fc0ac3eb111530a13f0a2e73c7b88ed20b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1043 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1251 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 20:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:47:52 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 82D9
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=95808200007473000757597012066001&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95808200007473000757597012066001&actionid=981741&produktid=&dt_url=

0
89 B

15ms
14ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95808200007473000757597012066001&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 29 Aug 2022 02:46:01 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 29 Aug 2022 00:46:01 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95808200007473000757597012066001&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 515F052C:C4C4_91EFC182:01BB_630C0C49_5130420:2A46A

GET
H2 403 / Show response
adv.office-partner.de/ Frame CA41 1 KB
727 B 8ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 29 Aug 2022 00:46:01 GMT
etag: W/"5ca0a75f-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 682D
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=95808200007473000757597012066001&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844596

350 B
409 B

69ms
6ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844596
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Oberschleissheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:46:01 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844596
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9A6A 2 KB
2 KB 53ms
52ms Script
text/html 52.56.49.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=95808200007473000757597012066001&nw=1
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.49.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7dbf3e1e6ab3244c06fb7cf5515e130b38eae37473dce4f8e279c3dcee192275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Mon, 29 Aug 2022 00:46:01 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 29 Aug 2022 00:47:01 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame C995 7 KB
2 KB 21ms
7ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=40f69bddc3&subid=&uid=ddbf13a54f2064e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg6vSSAwMY67nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0LM3By6d4TEn4zHgTgiHutc6lH7jnb0HIU8njCRSarxtVY0A2Oaf7p70KnYK3xuBTOY2QpN3lPVfogSBnmS7bUR-Z8SKdDAA5E0BxsMul0M8fUeZ6j_27FQWzjL2p0tKNaYpyQORJ64yYsVLsx_SWjwzC0QVw8zr3PxadfpGR_tf5qKUVSoWBot6tq466l_HPJAuyJK7g5PlQVBL7dGlxYMKB4wV79Qy4nc17YCStB13vp1a2uh7MN4aZEhxTgQJCtI66Fmxk_s2Iie7tAZwo73HCoP7ClIcTbkiU1Aht2CB7dvzez5wyYMIwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoPfgJu7pv9GueH7MhuEvoKPGkqSyaVq2098pEOb2xS7cbSxG_2xM%26sig%3DAOD64_0G3iSeJ8n4QjhgFGktUMQHUe4G8A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-A5I5TSCCXPOFOPIddZUe_rF-0vwyPDql3uKTofhpUwfl9NmhxI_MCupMifmlb2ApZvOA2tTw_f4xsJLhxwYksPLWLW2g3iB5LA5C1mrrQrYO6vPYoN_HbAs_aO7T0f6EHWqZpWQkFp8FkItCAuJWCG-PaGYQ%26cry%3D1%26dbm_d%3DAKAmf-CoEPLvxiJZBBRgKS_q45bgh8qjk4_JAHICJHyyc3KAUmtUzpOv3BxJ9oIGpQkIyDzd64WGAu444sOLVBhyzrwE0Sh0GX4hQdUBbW6wZOcnySOMo6UdHIDKwGZ3qRg-JTeJV74wLAtReauYHPbHFjJTxNTZVPFHVsxn6w13Pk5cdEfMGF_aWpXwiBNJqUvZfPkCgjaXWbL0244mgZqoCp4FsQcaVc-B-G60ctKWt4YSzlIBpu4Crat86t1VzeGG7MgAOJWEfuqlnhPX0Ib3TRCGZQkBKEZ5YQY5oXy68-hADZl7qfbo4XCRMzivj4uFpRkdEF7aSvOEqdzogSob5p7VTICGVNzMkzsO1WR7EaB1NJibMfnFpIKUQSzRYvN2Q8hNeQYsAFukKPxNUx3p-MbjNMDOhAVJJMNz-vjS1MgsQ9PuiBhP3-hY-3AnW4te-TS-CLvYMmPjE7LcepYx5CP1pghDQz6KQfQHj0zpFNg7fvJRKIz9xDzeBAffi2UBvGAe_8l48OfW8hnYAGnw3A0gPyv3zQ8ch47fVukLG27pmsy-CNnwxu7PqLx_n0e08PuHpnpX%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8333485531652&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8046842cee252ba6b023a341edf49e091df274268bf1e816db3ac2fdccf0f863

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2043
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Aug 2022 00:46:01 GMT
Expires: Mon, 29 Aug 2022 01:46:01 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 9A6A
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=95808200007473000757597012066001
https://ad-server.eu/wm/pb/native.png

68 B
312 B

179ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:50:13 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F052C:C4CE_91EFC182:01BB_630C0C49_51584B3:1F22E
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 86F0 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 07:05:26 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5976478001652688715/ Frame 5ED0 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5976478001652688715/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 07:04:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 07:05:26 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/10725954732868190736/ Frame 67ED 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 06:40:06 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
134 B 13ms
13ms Image
image/gif 2606:4700::6810:75c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1661733961578&rnd=vsdutm7ei9ni&ifm=0&uai=1&cid=954&s=bongdaplus.vn&p=1488783944&x=gammassp&adtg=1488784986&ats=1600x1200&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=1488783994&icp=https%253A//bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&impid=&idl=&ttduid=&id5=&emh=
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:75c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:39 GMT
server: cloudflare
age: 2112
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7421446be8d29a18-FRA
content-length: 26
expires: Mon, 29 Aug 2022 02:46:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D078 4 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 23:34:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:01 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D078 92 KB
92 KB 99ms
84ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b9f237c470e5f7e47ebcd83e623e923b39fae432ebf49c6e04710bb056562761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D078 76 KB
77 KB 74ms
59ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e8cef7681505748235ee32368c0fa14d0f63ef2163d50208bc0369df3912770d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D078 64 KB
64 KB 127ms
111ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7dd34ce243727d4e17f47d507e0ab9de119f3be68ac893710ca75f42c21621b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 65255
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 0B69
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873b94a5452a6696367?subid=78214100005187700757589012066006&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78214100005187700757589012066006&actionid=981741&produktid=&dt_url=

0
201 B

16ms
14ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78214100005187700757589012066006&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8990420258023&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 29 Aug 2022 02:46:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 29 Aug 2022 00:46:01 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78214100005187700757589012066006&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 515F052C:C4CE_91EFC182:01BB_630C0C49_51584B5:1F22E

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame 0BD7 7 KB
3 KB 21ms
7ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f8849963f7&subid=&uid=bd4a8fb040da1e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGtPPSAwMY63nGKqMx_AP7Oe8oAfdreioYLuP39SICvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0ALJTodBb37jEVHmjv1bYeJ6ul1304zTfkKze7-_7MwDAUKbSY5yaYaZ6hz2jvlyXYA60IQwEDTraWKuxk1U_s-WZ83bngqCfgHclKwuLIK4e44Q73obxCFj2AcIWnQuDrR3z0fUClbdqM_CSY5g81AxEigd56yaaFoSchZT69vU-2x7qHw0pmOQ4QCYn69vHUtbn_Xm4PH86rOtjOGG6rPmCYqMZKKyMWXj3v5ycgD8Uxtz0f8lNH6pEa_DolNIwefb2nhLEDVyM69kwsukNyAiXnFx0pzUKjq3d8t2bN8CWb1Bq8NNYQrfwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0%26sig%3DAOD64_0cO9GpfH7BUl0qkSZdyrZnFWGH5A%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-D1izvSUkycX95t2dV0kVm38FOKQj0iF_tXNH6cyvhhZLJ-dYeDG-2OokiZrzp63AWUdMMyJ6NXlwYm2FoSht-7SQdX6mtv6n7ecNeyfIHJiA_9x8qvGTp2DBrnduPjsTBRpOVLTQm7z_Z5xcMqxJoi_XnTEg%26cry%3D1%26dbm_d%3DAKAmf-BhzE2vtN40GRsk7GqU6kQmBqaYj7qNQv4jEua_Z1i3UrdSeYpoIT29EZ8wqNyKAQzfgHrAlEOHQuMb0rr9n4ZtD3n3GocBxIhY54I-GxexJmSUr9wDwsAk82th6fY8OEkyi0anLHuj5WUHuadmuzIV-TzzUid0rwtGjL11PKu54T0lPHjW_mSVcizeRlqwt0qUbY32MAD2nyacrC8upJotVeHo9_t61Er_gjVROkoOogggcIMCu8oEVNy5mlCvctOE9w407nsBhcLdhbX74SRF9-X6ZfGhiLLAfYBH28zGBUDtB7sxZ4_DpoBmg0XMgn2Dz0H96V5Udo49ZPEgmMIYs1p4vbme3fPacQ5V69HoJTgnpL-DdjXP9DBk3cKLFAdIHHzL-IE0G4ZCYaxibXRfEOvUphpRjURZGpPm8xqpgdRuHAl9hTAfw1xdIgI92W5DF9OnGqF-lP_PsK_Fc_7jwgD59TYif1ogLbnigRhc45AnI5piKn0Ugv7u0DpPaMR7Wg1UE37HMEYCC6tM8mDRiqn0G7Zq98Zp0DwdGpHnx5KmGofaBBAr7LwXViAOW4gvnm2J%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=8990420258023&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a68fcee04f6a1d6cfb2379cb7abf3cadad924ecca77c51f57dd191e7897e1a66

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2341
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Aug 2022 00:46:01 GMT
Expires: Mon, 29 Aug 2022 01:46:01 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 6A34
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=59070900006437100757597012066020&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=59070900006437100757597012066020&actionid=981741&produktid=&dt_url=

0
89 B

13ms
13ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=59070900006437100757597012066020&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 29 Aug 2022 02:46:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 29 Aug 2022 00:46:01 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=59070900006437100757597012066020&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 515F052C:C4C4_91EFC182:01BB_630C0C49_5130423:2A46A

GET
H2 403 / Show response
adv.office-partner.de/ Frame A234 1 KB
727 B 9ms
8ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 29 Aug 2022 00:46:01 GMT
etag: W/"5ca0a75f-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 630E
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=59070900006437100757597012066020&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844597

350 B
409 B

29ms
11ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844597
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Oberschleissheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:46:01 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844597
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache

GET
H2 200 link.html Show response
track.webgains.com/ Frame EB3E 2 KB
2 KB 77ms
76ms Script
text/html 52.56.49.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=59070900006437100757597012066020&nw=1
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.49.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4519661bd0fd038549723cf4e4c0771a020c37054a0640773c578b71d3940b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Mon, 29 Aug 2022 00:46:01 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 29 Aug 2022 00:47:01 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame 43B8 7 KB
2 KB 21ms
8ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=82410ddfad&subid=&uid=cb0be608643a9e36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbBjYSAwMY7DnGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0KxOMzwxg7rT45ySZpmjMkRtGJPxaeKTM01NJCOfrGk97iK8P5rNgxoC36bbvDOjUDhIoGJlCa-RS8yb_WgNfyGhOOQFGxyprjx-Rrr9bmbE0rabhIDq8MOwi96XcjyE4-DYWorTV132DZsVWq5sCXgvtTp1cEFZh9Fr--FJgskzTMZp-R6lS-Ee2BUkK1q6OBxbNp4-hWpGSupI967R-mPLuGBKnhmklllWyYFWEoP9ejFRd-jVFJAhIIct_ANzddvVxIYJp6iI07NKC8CESD4O5ehAS3d1Z8AI9fAz6xmyYXK2-1SL3OEywATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoEZW3D38_eWV20ioVVCOtoB7AM0dea2_H01GIAx3bfIwOEs9sTBA%26sig%3DAOD64_1j9vWMT3mOWUWYNKOVt-D4rNSCVQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-CSZRo2D66z62r2T7wfBbFHD5sULTdUMjvz8xKdhFZ770KKjAt3wCoJER5E1A3VNVcp-pHOKkkXS3CDtiXUbRnIV31FtwksnlIzZr5i8men6mHb6S5MaTdwojzBO1fevvy2twkK-pSkELM9wdftdE4mp6oguA%26cry%3D1%26dbm_d%3DAKAmf-CXIvbegyP--JYG5DfU09-os1ffZET-nukrMpskPcue-xO8fTpqT_VwtYuEdWcIIE9usEAbxCiRXVXc1pPBp-4unQ7ZN20LdrOcoaxEa97My5bFNx1uwoiR7ejfhH4NRD1Xuni1f0z4dgw-9RACpSnxw-SNwvBCQ8WQ7Us7RmEnIip5mgotv9UTPGxcomsJjDdcGby4LpMhN9pTZiAqXmXFHezWyI6Wy2VML-XIXxmsyYSH1vReTzdp87eN1tCSeAD3gW--7PtVSK6a_sdVPhZS8ceinAeyJrxgNQ442DbeJ60ZSUZOIZnzZ__LcUO6p8rwrMa6vWI7fVplAqu1v0PO-OmPaOcjYrnEtfZomaBZihiH9RvQmsyOTLwuz_se3-ZhrYiCH29TEBNC-uh3yFfm3BsQMqW4mXnlWD9G6Jhamc-2qrUxk7EsCzfx69feeqNwNSDT58XS9XIJ6E7elUVvqdYKJJXps_KJ3nN7tzC1XpfVHv88lsydDsblLi29soY0YNdeCr7j8PrxolJHDceT-7fj7I-7aOsPEzx32IpSqYHp-t3WhstpQXdu4OuCjE_NxW06%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=1982185133108&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 19bc4b53ced6b52c0de571b8ae0d0b8fb09188ffe9c4251b8f62506b2d812b75

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2018
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Aug 2022 00:46:01 GMT
Expires: Mon, 29 Aug 2022 01:46:01 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame EB3E
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=59070900006437100757597012066020
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=59070900006437100757597012066020
https://ad-server.eu/wm/pb/native.png

68 B
312 B

28ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:50:13 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F052C:C4D4_91EFC182:01BB_630C0C49_5153BBC:1F22D
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D652 0
26 B 62ms
45ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBweAFDMLiKZzRLPQU0izo5Uom0-N-50v0ka-xN-NSmizLqvONoXPeL8-WRJlt1dupRMBDkRSHsg2l4ppK-_pjFkMmyklVhjuDE-2Go29JfnabsPc2oYDmssqa7DN93NQtwReClKvN6D9OqNKOOKJBG0igqBYTtUF3_qHfVJW8JhJ__Eq2P38CoCI1Y7Xvcl5J-BPwcZBT3_t4tBG37L98nbMQbuagyRdZCaUGKZmnZkXBcAsM9rnuu6eGtKl0LU5z-oeJPa2JSW2J-hgylHNqJXEdzVNBEsc_c5Yrjy6fqdjJmb_k8WLvm6eubsr_UscMzjedadeuRNFJ99vdLKcsJCnyZHzfDGrFbqORD36wu7CCJJ_9hCVrdjE3Y3sHF-n7CfcxTW9j_TIGfx_0kIwPrhYFkkat6ymAvEeyi7MLuMO0sQzn3NFtYzTed9PaZOetGTLr-GrWFhQwUh_ndxmS2joyqQnBYLl2SAq8J4wdE_fA0Sw9ZJga9Pq0t_khPPWVSS5LnStKak8rmjS_bBFckSNQQhrRKMWH2Yw50cmxnj1-Zeh-nST8lwlKEf6PDqvwjxA6X7396NbL7PDlyBQJWWsS1a1sZEmV_cFHj4Co04JRagd8E2eJUiz6TrS8TrFoZA7OBUN4ph2QgKyKpHWNxlVv8N49ykBGpQ342dhfZtlNJY3HUaSLyg9NHfW5YZTts-_vkigriOTCK792SuIlpkBwV6TPbdNxwZo-BxcKf9hidgPcaNrji6bhO4MihZILAAEpQvZ_iCpipr0jqEpvHPBB0owwcIe9GOLw0u0XTo7nVu_SqCWGBeG0y18x8hTjZeS10foWUeKfWEEnWj7p0cCVtKpXz2NqKjK66uhYZ1FpY0lMr87glW4j-liuME98Kd9JLoRK2tZRqdyjNnsz-6JX9ocFQQGjWFUUnT_q50H6kEcG2cX7AgTxWFLc2VQ5rEuesxJplqEhoZfJO7CkB7BHKj4x8ZqqcmHDRGH5z9vYVBmFKZ2mETcKjJKygYJeDsLMpCaUIBUgTTh4WYGGUIzI4gs7H9CQN04b6eiK0OYY-30HtgtxYQOxiO_7y1uLw83oMCFcjiS5mS0QC9ubs1qYXmK6fmepN_yR02AXwBKo9x3CXB0eKS79VKgO1Hel4d-25V5loBdd-fDoK2_Dxx3s2ox3h6UoCNUt8Jnud0R8dVBAX7XkYZVUabeyZkmhdwTrgseiSuGXL6NeGzVKKi_L&sai=AMfl-YQ-77cXujNca51zKYPtzb0Hs4Cn5GVAjKLbFEwDlYiQOSftWN2dBqobzMUcxoGQroc8MX5ddRP-YhcqnWKCTdFmxOcbyidBcvsDlfAkZjgC1pe2wtmgRomssVge01nnVD6_Mlhk2p8qi9Wka-aoH2JaSJ8CQET2HgY3ISHMTx_4SYdsLP3QgbfexfBNPIi2UbqrAe0Ax0OL4pWXlWy39Yw1kP7d2-NKag&sig=Cg0ArKJSzNmBkBmMQoYwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=665&vt=11&dtpt=425&dett=3&cstd=235&cisv=r20220822.14276&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB4C 0
26 B 52ms
47ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhrJi8kxNMtE7oT68OSEGhit51jyp2x8LGq09PfT1w9Xd2q0vHDHpAxqJX6XPY8Wr7YfCOixh63uYqXkXYZp5IsgSPMnJFqaUhJRpQ4zy8GZDD5ymPM34UiSHpW840GTzWgpzJkwHTIv7caOh8qbgoDK6pCTSpb8vNclYHmSYM3XNsGegb31ADlHJIMN9isjFPsJTzJ0-WA2UZ2yT0DDMl6fQhQqbKWPo2YWqFYkeirrpxKCv91jkdABC9zqAAVt6G82JBn6izoUgTkmsYq-ljKgXvI1hlnPCZij4cTdjAUbvYcDZ0PmYYC1E-2xlbar9S80ZpsA01MOpAKrWpj2kQGL0BT1XspcVqbp3yul0qsXEj7B-sRhajB_lTR1puErMG3BqaSaKY8Mip6Blk_YpAtg00TSeBRwiP9SGcRtVvjsDCgH2DKVNGhTVlqmUCq_cirukHeQiy71e1xMhj9chSRBPORnZITYTHe-h_FGURd_BbpYFepQ2LWkl6j_fU5Kl63TOmqdIXq1d13Usf2i3zrFXqCiqk5G6h7TFigol1F8PFeANG-YpAz9hskEWbJPhGmJ6kMk8QeCSvN5FKnco-WUS40UAx7_-rcdv89KNdCL-pIMV_-ECOPscDbgcTMFes3pABrWJ86SYRBZSz9Ti1VxC9N6j9lyu_sNjDiddrDjim81zDRsJtWeMosZiQ5lh8FPkshjHkfWBl-8TQYsGvAc4R5zUk6vjwu5BF3taKMgLIV_UKkzfmMnCmqYQ8s9D7jAa8Nkz7ePQCy8dUWTkZhEdEpzZBPti_xEqtcPxBFvQYOuKjqGW0UDX9j8_ldYd6Us8rmhjnWRU0MvPXL4j8gbWF631V_M1577llPsM3UPb4WOwCBlVHXD5E2pFZpSt7aExzj99SkBRZHKOc-gCe2bJTWUaDPz2onLrf1evQdMNmgG7T-hDXh_mOZqce-NJUXoLvBl4PsXt99zPOUj0rkYYArMny8Yb3JIiNwD6RX9bymD33XbSRLiLm_TuTQyMqQbEFOtbAmT-3eebeG2bK-R7Zz0YDjf-fMuFoi2ceinrk4jraEBt6zHduM6l4mQtxCR21DrnYsRSdbJw7IT-9AQjhySqD1kh2JXGl6IvwbWosC6_ha78-bTCG9H0hciT8Bmh1ZrF-RiznJsGo2hBxPs09_GzSWsO0GkKI7H7fyU9LwInZxdvuF667QxT3GIYMOCCkTaeShZBkNbdNVHOaSvI&sai=AMfl-YQ8DTZ7VBq8hftAraiDcYPLOcNfqk5VdYmPc81vxm5xyMeO-LjWJV3TyB8y1tw0D4FjqQhKGgUkn6UB2lwnMf-bMtGFzH2GdQ5VqqlSzHVzpawRE0BzMcDKqWLetwON-bI_wmfplbDeAfK9yRdZ8p151rQItVj3IXeNOpOdvaK3CMA2x5ly0zUMzdmmq2OfWeT5dUkuUjePhhisJsgeZpnXCbvIBPxMXQ&sig=Cg0ArKJSzIWJXXkJohx_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=665&vt=11&dtpt=422&dett=3&cstd=241&cisv=r20220822.85963&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tracking_info.gif Show response
lg1.logging.admicro.vn/ 238 B
1 KB 290ms
290ms Script
application/javascript 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://lg1.logging.admicro.vn/tracking_info.gif?&ce=1&lc=&cr=&ui=
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: e07e37efcbafd74604f163c877247e93fa0fc269891026f386670427743474f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:01 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 238
content-type: application/javascript

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 387C 0
26 B 46ms
46ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkMoyjKzFKHQkSwrPuzNvHkagVSgvo4y6S-mI7A2oaFZfvEloYfsjWcU81aBnQxxYS_68PBlMPUHv6y8HhB2aMa9f1__HVnyJt0EoDEAbfJGi-BJVUdjvqyWdwmNMDTnD-QFLrNxjpvRV-UVa6bAza-UOA2hM_DrqM1y9TzRQvwPGVXHC_4DYQnRJsL-sZfPjSqiHoC594w1SLsUrkwA4__PV_p8JKO276VS86RzC4uqJWnXsXMHlCEQQLNPsw3h-0tFPi0Ub-s48VoFZXndwAu8VvrjLWI3XU_Kx4_B2sts-Nao-f96AtHTfr67VD61VLL8Tfd6xtK2IzcZxpr1FhpsVrOpXzNKnjv_VCTms0zx061frlG97LoljXnwrQmJzw_iIAV8Ugt5q3QnMbLtV_lt6Bs0IWs47TwTeS9mqMTxtG-klgOkgYCqs960bkCrYwK7YJCnEJuYb91ISGasN_IleJ5nrCktf0Q4JSF21Bs86X_Y4IcBf5M3rxMdYo6kfjSdg1FdM3B5AfPPRJ2f8GUWfNP2ZGErIli9EzrJQ5aJcVSQGVFX5z_o7_vWwGsTRtwUtkKY2GTPcB_gzqx0FoASIMbgHvlrqiYJG_9GKHtEBYjOjHW240ivc4PgShCNDbUYPEd2Q47_-s_zEfW-B0mVdykHP0hkkvUHY50agvgJ2Ug3WBlC-0ZxDLUGfropqjcy95Y1CIEY3kQ0Qe_MneM_I3L0blJoOnWjH6mmXwSEd84lbo1JLFf-hGaBi8DEDydf0grjY3ZsDQgDiJTtLweXdxCwInee_50-OmQrFCEOokC0HikUyVpz-Y9ioN7CDvttyq4K8oothdqlJitNel9GEEhN9TrqJWa70pnD_iUxyKbhP-_b8PixUmEhI5bQptz8IS3TbOIjOlL_mVIrRlp6N9P5ydWlYMOC_aFm2u1-9xDFNo8Q9JX-DHDoeUSDt37WKZfrbKuVuVtTxvcEVKFwPTD_esEr_6gVEr0a282FrgnGcjkjLhYkAKUuJ2aUtp7kidzX2szuaaT8mIzKTfOUsvfiGmqymoTzxOdmbPY2iq4j7GUGyOOg3XCAuZlsknzy-A93pI5_76WY7HJp92g6xOzv83a29luwfPKzgZrTSbAWjWvX7uTh-165BYqc_89-i2zspqKTNr_SpKiP8mIFP56KPcqZJRNMSnGjVbSAMMigoTE17iACmUc6w0UobuGlaEieG36yrKO3dlrMZ0ZJC7&sai=AMfl-YQbS5BpxAKwEo9P0lWPQpQr23HuEE6hECXbKR46qVDTyduIdR4fVxbPVfhSOwyQUzrACNjW4vNpm99SPqzCwD_dZO6GIFq7xvgFUJWY5UDS-69FILjkWdOb-khfEs2hVKm-2ley0kg01FcZjLMrvFqqFJrEohu7fgrxs4V7dEYvV3h45DNQY-_eOFnMr18BnRVcEK_KmVDK8godRS-NDBr1z2qyQX2A-w&sig=Cg0ArKJSzIQAG_Ha1v46EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=675&vt=11&dtpt=434&dett=3&cstd=238&cisv=r20220822.41629&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame B639
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=88680000006069900757597012066025&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88680000006069900757597012066025&actionid=981741&produktid=&dt_url=

0
90 B

15ms
15ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88680000006069900757597012066025&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 29 Aug 2022 02:46:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 29 Aug 2022 00:46:01 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=88680000006069900757597012066025&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 515F052C:C4D4_91EFC182:01BB_630C0C49_5153BB9:1F22D

GET
H2 403 / Show response
adv.office-partner.de/ Frame 1694 1 KB
727 B 8ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 29 Aug 2022 00:46:01 GMT
etag: W/"5ca0a75f-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 35B8
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=88680000006069900757597012066025&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844598

350 B
409 B

7ms
7ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844598
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Oberschleissheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:46:01 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844598
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache

GET
H2 200 link.html Show response
track.webgains.com/ Frame 312F 2 KB
2 KB 95ms
95ms Script
text/html 52.56.49.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=88680000006069900757597012066025&nw=1
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.49.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-49-215.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 15696c3b9e96e562441097f54828730fce55e3ceecacc05aee2a7d3e7650f6b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Mon, 29 Aug 2022 00:46:01 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 29 Aug 2022 00:47:01 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame CB7F 7 KB
2 KB 21ms
7ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=07kjbl94dsnm&nw=20&renderingType=javascript&namespace=7d1a822ce8&subid=&uid=1d863a38a793666f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC14ovSAwMY6_nGKqMx_AP7Oe8oAfdreioYJSm-eLFCvAuEAEgs7OgkQFglYKAgKAHyAEJqQJUqVXC_LewPqgDAaoE6wFP0FMNAUcpFMgxLicROmeAQcvju-x83Uv6Wm78nFNbC5srTgFVYOwyCbAUytfXpt_QchtL-0XtS3WA9sNNgl9SoNI4ci5euk8ZjK5imkiX4t3WxFjpbfbtb9rMxjmh7cfVtAlpJz7Tnj-z1tRw3vRFl0_aWJ1nn1qnRo8v1BL-777D3BOVXYHktqJ8cpsSZE1m5TLdldf52lSgZVBONydPrLfSV_z4-XNBLejlZXmDr4spljQ6UWKMgw-waUUXTlce7RgUcQaAjDLU1fRkQSX8Wc5kGNYsk9P8bPP1vj72SbIjKqbU8pRJSF6EwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoRLwXll7zDPGXA4HnhbTsyaqgZrcrB4sqOHchWh-kLIxKncuCZW0%26sig%3DAOD64_0M4d9nE6YTpLeFEiBJFWq1ukyzaQ%26client%3Dca-pub-9418193717673860%26dbm_c%3DAKAmf-Aqu8Cy16bNNnIqrApL4CseCVqFdYvjZRAYmBwseir2I6cTwJnUvN-pFq5XBrXyCtxeRmQEema02HM_5KimcA-8btc_lox_sjzLvwebJomHvGNqeBO8u_3fmm3nDZ0T11-0EPVFI2YfnnT4tb807P_9m2KY-w%26cry%3D1%26dbm_d%3DAKAmf-BBuhDCsHqRZZhp-N_hszybgctr8KBbrOt24pzMzcuYG40COJ-3POUp7sGm2W-uvGz5K_NrxLrg7mpxc-aQ5ig1QRYXOY6mdmIIReMVfQSwOu3nKJF_aeKQU_P50WgkT_WoKDryV71npP59_G1cVmTAqQ9sQ5SFxJGyCMm30i4H0e9VAxsD9HYmK7ZfqWHQgtpdei-wuigBbEPpjYO2BOCUxWEcqeEsnXGEbpetIN0_UdOJZ0anrzgQ_GG5pJ0P4JFSuqraqEHm1AgDhX2ZRgXZK-futpb-ftdC1INV4eTW_1XSheiDFnV8WPtw65s-TCwxFcVa0l5bKj15yxIDdYz20kGvdn4h4nme1Liar6dBzOHCnAIDyxh299WbX3oLaqOr_58l_rcPPO-6uc24EGBrcL2jvcBN6Im4k07FHlTyu9I9QzU6K_RQTqycoYQo1xKsZ_94WvJgAj5rbbCPrrkIontjBS6jpPqlr9ObzEIey_a2n487mcwxay8Hthk2LOkgLyFxF2u_qiGhgCNNDxui5wKyPX8rzuo1zsl9svcI5AG2VUqGqmA8HVRQW-OpE0j2HjIk%26adurl%3D&documentReferer=https%3A%2F%2Fbongdaplus.vn%2F&ancestorOrigins=https%3A%2F%2Fbongdaplus.vn&random=9725977669492&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0b284304decd4ca4db4053be5ee8676a496bd0212a3a341eae024259ddb070f9

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2044
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Aug 2022 00:46:01 GMT
Expires: Mon, 29 Aug 2022 01:46:01 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 312F
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=88680000006069900757597012066025
https://ad-server.eu/wm/pb/native.png

68 B
312 B

29ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:50:13 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F052C:C4F0_91EFC182:01BB_630C0C49_514860D:1F22B
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 css
fonts.googleapis.com/ Frame C995 4 KB
651 B 35ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 23:29:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:01 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C995 80 KB
80 KB 100ms
87ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 152b60c20455b294efc6aec5478a38b9d21ee458d02fe411b7eb87bc76c3f67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C995 81 KB
81 KB 117ms
103ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18fd0b51f81d75aec6bffa80211b2aa409afabbd946453e6063f000a2151b17f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C995 69 KB
69 KB 136ms
122ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 53397e8cb7876e489ba3d1083644f5b222625c2c680b345d72518e43ab00866c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7C7C 85 KB
85 KB 59ms
7ms Script
text/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53753900006868500757597012066027&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 14:19:26 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 37595
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
content-length: 86537
x-amz-cf-id: WIryOENmk9DfVAaOfj0ZjnGWM6OfuwNlUtPuqIREdRtQ3ri4BRa-7w==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 7C7C 3 KB
3 KB 90ms
7ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1661734261&Signature=JmNcr9JtYgaty9z20UkkJ~KCYPnG0ShgnjHWKx1OI05yLCPz~xy7~DgtU~Ssz21jjsowJKrg6MIFLirOh9KlZSJ-yu2sjhKcI1pAP2uVEyn1PIDGGkpn4YbbnBrxGuwReKGudBVVDAz2UTUreBzxLba7AC2xfkGd2NBZxbKCtCvmNag4DZZUI9qBRkc7neeye~Kh5oUczM4fSkG~F-6MnclJs0kGzsvKmctk30opDHFL43tq5p6wLtO~rzRV3VnkWXYD~465i4QXvdDpP5wuYgCD9lfycOQHm7pNDLHrTs7bLM5ZC-NFIXfJoH~ywbNk-UaF~q4EtND-zVtxmhp1Bg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 73084
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Sun, 28 Aug 2022 04:28:54 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: tqCP587dDYEFArLJl5ucslds9RHnSbAxrKfO0IWyPfv-72ICkKjwzQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 0BD7 89 KB
32 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 14:32:35 GMT

GET
H/1.1

200
OK

pb_ratenkredit_300x250.jpg
ad-server.eu/wm/pb/rate/aktion/ Frame 0BD7
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873c65e55b1331dd3d1?subid=78214100005187700757589012066006
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.jpg

373 KB
374 KB

57ms
56ms

Image
image/jpeg

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93299e37dcef382ea69e3e4e6fab10fc010ac2127e45e8b3874cbc28a8bf4fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:50:13 GMT
Last-Modified: Mon, 22 Aug 2022 10:27:11 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "630359ff-5d511"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382225

Redirect headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F052C:C4D4_91EFC182:01BB_630C0C49_5153BC2:1F22D
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.jpg
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 86F0 13 KB
5 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 12:15:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 86F0 7 KB
5 KB 35ms
18ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8121fc0108df78656b87370d403b619235f07ab18d720d8795529a85f67f1b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 67ED 13 KB
5 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 12:15:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 67ED 7 KB
6 KB 35ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce4b251fccd0768f59398f76e9f0f22d0d1d875ea8b745c2c7248713034d814c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5631
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 43B8 4 KB
651 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 23:49:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:01 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 43B8 100 KB
100 KB 125ms
111ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4c67498e61b4fd83b2afc6b79ad322bf5f8a2d75478d29c71953e957f3b2e005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 43B8 81 KB
81 KB 22ms
8ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18fd0b51f81d75aec6bffa80211b2aa409afabbd946453e6063f000a2151b17f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 43B8 0
135 B 21ms
7ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: image/png

GET Ad
ads.novanet.vn/ Frame A51D 0
0

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame D078 0
150 B 20ms
7ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=53753900006868500757597012066027&a=fe9d4e19&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=53753900006868500757597012066027&a=f9b479f9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 5ED0 13 KB
5 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 12:15:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5ED0 7 KB
5 KB 22ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acd9d4cd7d0cb85abe0411ae9419a6edaebfc178ee733ac1b42f4159f1207342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5558
x-xss-protection: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9A6A 85 KB
85 KB 10ms
8ms Script
text/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=95808200007473000757597012066001&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 14:19:26 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 37595
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
content-length: 86537
x-amz-cf-id: qVclDko_65g4AzYEOlbBzAn0GprZCnzsFEuJLgsme2HRypJuBFpo1Q==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 9A6A 85 B
435 B 16ms
8ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1661734261&Signature=PP4KDnTL9OqrFF8CqO7Uz1yhWgNxO-7IK-C5-vEFuTMZFSP6jr1RXOUrl~8rvaRePC1mtxhexe4czsMwHsaZjGN618NB5Ry5MMxfKoRUJTIwezJsB~jlsNXWsuclSyhHm~BUCXlFPgZixus1-xEw2nma4QRbtBlUi~EjkCvgnlcMwGdvk5hsRY2IBpx5ESvaWksCKhH7H4M2UQgmUKl1k0OZmC6V0XC88vGdidgkYgDGNLQEWCs-HNNVTCYmuZo2Ki-AXzw08tJnIhdymrzYmgwFHFafvVS6AUjg8V8Nry4e6dTBxqERkjJp8RNS8-ySU2HHeJm1PxwG9QOF5pY2JA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 75815
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Sun, 28 Aug 2022 03:43:05 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 85
x-amz-cf-id: K9ub2R6WMzAciL2yLZZ3kVgtZOziQ9wu-k3V5yePIe9ljYnTKt9o9A==

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 682D 5 KB
5 KB 6ms
5ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844596
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H2 200 v2 Show response
sspapi.admicro.vn/ssp_page_request/pc/ 429 B
692 B 1094ms
301ms XHR
application/json 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://sspapi.admicro.vn/ssp_page_request/pc/v2?refer=&dg=&cw=1000&sw=1600&sh=1200&w=980&h=250&i=&u=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&l=0&ads=6151&isdetail=1&lsn=1661733961229&ce=1&lc=&cr=&ui=&uuid=&ga=GA1.1.1419012330.1661733957
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/ssppage.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: /
Resource Hash: 3f11ea09f5d7b9464f844fbe86016d22b3f2ea36ceec91993ae01c61e301a723

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With
content-length: 429

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 76FF 5 KB
5 KB 5ms
4ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844595
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 630E 5 KB
5 KB 5ms
4ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844597
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 35B8 5 KB
5 KB 5ms
5ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1566844598
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:01 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H3 200 css
fonts.googleapis.com/ Frame CB7F 4 KB
651 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 00:19:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:01 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB7F 80 KB
80 KB 23ms
9ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 152b60c20455b294efc6aec5478a38b9d21ee458d02fe411b7eb87bc76c3f67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB7F 81 KB
81 KB 23ms
8ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18fd0b51f81d75aec6bffa80211b2aa409afabbd946453e6063f000a2151b17f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB7F 69 KB
69 KB 23ms
9ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 53397e8cb7876e489ba3d1083644f5b222625c2c680b345d72518e43ab00866c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame C995 0
150 B 27ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=95808200007473000757597012066001&a=f56c4ce4&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=95808200007473000757597012066001&a=02bc593f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 asyncjs.php Show response
delivery.lavamedia.vn/www/delivery/ 4 KB
2 KB 1551ms
293ms Script
text/javascript 123.30.139.73
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.lavamedia.vn/www/delivery/asyncjs.php
Requested by: Host: pub.lavamedia.vn
URL: https://pub.lavamedia.vn/sites/bongdaplus.vn_Zmedia/bongdaplus.vn_nativeinimage.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.73 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: betteabs.net
Software: nginx /
Resource Hash: 5865a4baadddae629b47e608ee23e84e913529a966d0951026cf68e038f01a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Mon, 29 Aug 2022 01:46:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ 343 KB
120 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5230701648443988&plah=bongdaplus.vn&bust=31069108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f3432e50849a4441e0ed30b773a7b5cab00716a62fb4cde1af95cd094d04da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123236
x-xss-protection: 0
server: cafe
etag: 4946512336755621879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 00:46:02 GMT

GET
H2 200 kib_bongdaplus_desktop Show response
player.gliacloud.com/player/ 263 KB
32 KB 1296ms
1245ms Script
application/javascript 2606:4700:3038::6815:eb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/player/kib_bongdaplus_desktop
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6f8318b9d9b1766bac67f67543acca790025702cc4f565b4db01de19963548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
last-modified: Sun, 28 Aug 2022 19:23:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bkiyEdz3%2BjOWgxykTjp87mNoDHxX53qa9ewFvS9kEpcsnnZQpeG3r4f2iQ2PdG7qSjkJyuUS%2Bm2z9Z1%2BJ6N3bIwGXLbO89QzqFMi3z2hn76bk5CVQsI6lYXZ25RmUTQPQtIEw57JI%2BFJsZoJDeEU7G8nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: f8416c311e14fe59a5124fa01a96c3bd
cache-control: public, max-age=900
cf-ray: 7421446f0a060052-LHR
expires: Mon, 29 Aug 2022 01:01:03 GMT

GET
H2 200 ads_code_1.ads Show response
media1.admicro.vn/ads_codes/ 0
236 B 329ms
329ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/ads_codes/ads_code_1.ads
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?id=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 04:47:24 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 23
expires: Mon, 29 Aug 2022 00:56:02 GMT

GET
H2 200 lgnews.js Show response
static.contineljs.com/core/ 10 KB
4 KB 1219ms
318ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.contineljs.com/core/lgnews.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?id=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: cd2294234d033ddfaf66ae3a7d45f5ff0636294cd0df1a9b36c863a6ba409626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 08:09:55 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:03 GMT

GET
H2 200 benchmark.js Show response
js.aiservice.vn/recbm/ 6 KB
2 KB 1442ms
317ms Script
text/javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.aiservice.vn/recbm/benchmark.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?id=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

Resource Hash

b38605a757493a1c40b44fba5067fc91d45e1fcba2005381bc9a1a8c16ebd05d

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 01:57:15 GMT
x-frame-options: allowall
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age:600, must-revalidate, proxy-revalidate
content-length: 2003
expires: Mon, 29 Aug 2022 00:56:03 GMT

GET
H2 200 ftest
amcdn.vn/ 35 B
458 B 1513ms
305ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/ftest?lsn=b7ba1c1e4c54b4a41c44986e6dd206e7&dg=b7ba1c1e4c54b4a41c44986e6dd206e7&ui=&url=http%3A%2F%2F1bongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&rd=0.6492688418421451
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a1564 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a1564
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ftest
lg1.logging.admicro.vn/ 35 B
601 B 291ms
290ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ftest?lsn=b7ba1c1e4c54b4a41c44986e6dd206e7&dg=b7ba1c1e4c54b4a41c44986e6dd206e7&ui=&url=http%3A%2F%2F2bongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&rd=0.8813588923977471
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 _tracking1.gif
lg1.logging.admicro.vn/ 35 B
484 B 290ms
289ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=b7ba1c1e4c54b4a41c44986e6dd206e7&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=bongdaplus.vn&cat=&g=0&i=v%3B1661733961229%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B1%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3BGA1.1.1419012330.1661733957%3B-1661733956173%3B244%3B465%3B355%3B230%3B0%3B-1661733956173%3B-1661733956173&rdm=0.9395110388539851&p=%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&r=&ce=1&lc=&cr=&ui=

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
x-frame-options: allowall
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mapid
lg.nanda.vn/ 35 B
464 B 1374ms
298ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg.nanda.vn/mapid?src=admicro&dguid=b7ba1c1e4c54b4a41c44986e6dd206e7&3guid=
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/n2392 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/n2392
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EB3E 85 KB
85 KB 10ms
7ms Script
text/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=59070900006437100757597012066020&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 14:19:26 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 37596
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
content-length: 86537
x-amz-cf-id: v7W-gPBbEN3s4CJyQ-2bKn3-kdi2Cx-v0NJgDyIEFGMXG6nen58bpw==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame EB3E 3 KB
3 KB 10ms
8ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1661734261&Signature=BIOQDgjrz7VSz3pBFoMd~vs0yBs2jMPEjZe8CYVeQGFHIw3iwJq0X2DYTtv8AjVblW1sklU~FbLcOpJw3gZBcSYmPRHfDN5zMcMa2VmyGcjferMdUYCbVaq1mhf34cXL97kwfJ8zdK2jDyTYaPIQnVXQZHoH7FXMmu3z6nltwmTZd7P6KkZkEa6g0HIfokUqFkdHi~HBOhUrKJXQtK4Cf8XRajMz4PNw74~Q8INttzVkNP9LY3ngHHUJk8vn7Luhd9sBcTZr~U9crDTYy8mIvskLoSgJfWH7uICCoJZ17NrGdn~1lKSxbiq3zSfsa-6kbc4Jzp8g5uhQS1x3v4Uo2g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 74128
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Sun, 28 Aug 2022 05:38:03 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: o7fnjQJxOEpQpbV8dlNV5-zQXr-e2WDNrmsIs-yrhrupjdg5kVuRtQ==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 312F 85 KB
85 KB 8ms
7ms Script
text/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=88680000006069900757597012066025&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 14:19:26 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 37596
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
content-length: 86537
x-amz-cf-id: mF4rB_kONJt-zydFcViZe_PajFwnw48SpedOCejAkDKVYfeZqjSJRw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 312F 85 B
434 B 8ms
7ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1661734261&Signature=PP4KDnTL9OqrFF8CqO7Uz1yhWgNxO-7IK-C5-vEFuTMZFSP6jr1RXOUrl~8rvaRePC1mtxhexe4czsMwHsaZjGN618NB5Ry5MMxfKoRUJTIwezJsB~jlsNXWsuclSyhHm~BUCXlFPgZixus1-xEw2nma4QRbtBlUi~EjkCvgnlcMwGdvk5hsRY2IBpx5ESvaWksCKhH7H4M2UQgmUKl1k0OZmC6V0XC88vGdidgkYgDGNLQEWCs-HNNVTCYmuZo2Ki-AXzw08tJnIhdymrzYmgwFHFafvVS6AUjg8V8Nry4e6dTBxqERkjJp8RNS8-ySU2HHeJm1PxwG9QOF5pY2JA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=88680000006069900757597012066025&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 75816
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Sun, 28 Aug 2022 03:43:05 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 85
x-amz-cf-id: ui5tiAUZOosJhI9L9hjFDgVoCnIGWylpT3eoXHgktcbmoPJLkE9J8g==

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame 43B8 0
150 B 21ms
7ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=59070900006437100757597012066020&a=d16efc45&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=59070900006437100757597012066020&a=ee12f33f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK b4abfe3067054b76 Show response
ssp.tenmax.io/supply/loaders/ 295 B
666 B 2592ms
242ms XHR
application/json 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/loaders/b4abfe3067054b76?device=PERSONAL_COMPUTER&cacheBuster=70e9c479-64b7-4135-a8f9-0aad2ec1d118
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/loader/prod/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 2b00dc2e691d20fa1a7a9d0d2f1c6331fce115ad78ce7b70152cdf5f25466758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:04 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://bongdaplus.vn
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 295
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H3 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 984B 0
20 B 38ms
27ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=322171506365362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1061b56305a7%26domain%3Dbongdaplus.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbongdaplus.vn%252Ff4c62d8fc218%26relation%3Dparent.parent&container_width=104&href=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a9d5aa629f2ec5743b97feb8a9678338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: Z8yVokGoDEBUbzatQFfXBSb3e2u+apRBqOTKyJS+TNPcN9Mb+6bwrkxrEZeg65C8Cq0fxuMZbAi9Stu0AVA+Wg==
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 884E 0
22 B 32ms
30ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=322171506365362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df364d48c5f4c944%26domain%3Dbongdaplus.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbongdaplus.vn%252Ff4c62d8fc218%26relation%3Dparent.parent&container_width=480&href=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a9d5aa629f2ec5743b97feb8a9678338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: dH4MFt1RUkg0SKwfSxPaK7uvND74g2Nsn7U+ui0zaZhvwWAgmPFUmM3IqF9iV4gJ0wnRxPYTK3sPsm5peOlh9A==
x-xss-protection: 0

GET
H2 200 bundle.js Show response
static.philacct.com/ngvmfg/static/js/ 45 KB
14 KB 2021ms
308ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.philacct.com/ngvmfg/static/js/bundle.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 08:39:52 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:03 GMT

GET
H2 200 _tracking1.gif Show response
lg1.logging.admicro.vn/ Frame 3967 720 B
1 KB 289ms
289ms Document
text/html 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=b7ba1c1e4c54b4a41c44986e6dd206e7&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=bongdaplus.vn&cat=&g=0&i=s%3B1661733961229%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B1%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3BGA1.1.1419012330.1661733957%3B-1661733956173%3B244%3B465%3B355%3B230%3B0%3B-1661733956173%3B-1661733956173&rdm=0.750710073728313&p=%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&r=&ce=1&lc=&cr=&ui=

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

c9b64e51e10a124f9295d53e256465d2cf2db9060a7099ec9f9f4e064ec0d8f2

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 720
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:46:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
pragma: no-cache
x-frame-options: allowall

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D078 13 KB
13 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 364870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:24:52 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D078 13 KB
13 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 462082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 16:24:40 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame CB7F 0
150 B 28ms
13ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=88680000006069900757597012066025&a=344a4102&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=88680000006069900757597012066025&a=df55a675
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 86F0 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 67ED 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:02 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4384 15 KB
6 KB 8ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103532
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:02 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 30 Aug 2022 05:31:34 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK Ad Show response
ads.novanet.vn/ Frame E8FF 200 B
943 B 1347ms
218ms Document
text/html 171.244.15.69
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.novanet.vn/Ad?ssl=true&v=1661733961923&ssl=true&zone=10484&url=https%3A%2F%2Fbongdaplus%2Evn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208%2Ehtml&host=bongdaplus%2Evn&ref=&hl=2&br=3&brver=104&osname=1&osver=0&width=300&height=250&time=923&h5e=true&nnc=null&cenable=true&newnnc=false

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

171.244.15.69 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cf80cc40303fc66454d523ddf9b9601674cc19f699bd840091af34f6ad23332b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-length: 275
content-type: text/html; charset=utf-8
date: Mon, 29 Aug 2022 00:46:01 GMT
expires: 0
pragma: no-cache
processtime: 3.2074 ms.
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET

GET
H2 200 viet-nam.gif
bongdaplus.vn/img/ 3 KB
3 KB 474ms
464ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/viet-nam.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592981d629b8f6c7c30f896845758fb14dcf9ae3f19970d6a16659187cb3ae74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f7d84cc236a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3134

GET
H2 200 thai-lan.gif
bongdaplus.vn/img/ 2 KB
2 KB 474ms
462ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/thai-lan.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b7159dee0b40d71f0bdb76ede03089892368ac691e0e13bcf96bdfeb2173b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "42e9f0c136a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 1586

GET
H2 200 indonesia.gif
bongdaplus.vn/img/ 1 KB
1 KB 475ms
462ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/indonesia.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 21a961491939d0b6f101f6a5f69d1afe54f51abf212a1430c7d92df5b0ad7b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "6fbdb5bf36a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 1425

GET
H2 200 philippines.gif
bongdaplus.vn/img/ 4 KB
4 KB 475ms
463ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/philippines.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b42a8f061d537e435665bdaff50d139a57e2e9cea90aaca41d0e29d535358245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b49164c136a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4136

GET
H2 200 singapore.gif
bongdaplus.vn/img/ 3 KB
3 KB 475ms
463ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/singapore.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37672244a52270ade85c05501cf9a3d50c2417542537815c61e4bfc73a08be04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ed35bec136a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3098

GET
H2 200 malaysia.gif
bongdaplus.vn/img/ 5 KB
5 KB 476ms
464ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/malaysia.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1ddb0bd4f279f24d00dee6fd0d2c188384b92a99dddfae587f7f0cea876a7e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "6260cdc036a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4674

GET
H2 200 myanmar.gif
bongdaplus.vn/img/ 3 KB
3 KB 476ms
464ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/myanmar.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e17b6ed8992591c71226d4fabf3e3c950fd4fffc596f865ad4dd6f9762ce96c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b5e2fac036a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3084

GET
H2 200 campuchia.gif
bongdaplus.vn/img/ 4 KB
4 KB 476ms
464ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/campuchia.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7e993eb98db05849910d8e25caa269e19ce18f74f846fc095c4cf3c7553e7c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dcb433bf36a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4457

GET
H2 200 lao.gif
bongdaplus.vn/img/ 3 KB
3 KB 476ms
465ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/lao.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 019287946d95dcc710607119492284d7910f93b4d27b4e61cb46f09e91055205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e95af6bf36a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 2695

GET
H2 200 brunei.gif
bongdaplus.vn/img/ 5 KB
5 KB 476ms
465ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/brunei.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51c3f4f3ef2984e833ae4a6307f53355051d3ba02625259f30dff89305f82991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "832aebbe36a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 5068

GET
H2 200 dong-timor.gif
bongdaplus.vn/img/ 4 KB
4 KB 477ms
466ms Image
image/gif 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/dong-timor.gif
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8ee8cc3524ef2f28cbdcedf01c900a453b41b2ac8406f74023fe5cb8fcdcb308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Sat, 17 Oct 2020 03:36:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "15ac71bf36a4d61:0"
content-type: image/gif
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3640

GET
H2 200 aerobic.png
bongdaplus.vn/img/sg31-games/ 61 KB
61 KB 477ms
466ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/aerobic.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99a4bbac12ba61a36d59f8b3decba8f90deec6e5c13dfa28a4d2cd65e9f48b7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:37:38 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "025f8bc33ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 62821

GET
H2 200 ban-cung.png
bongdaplus.vn/img/sg31-games/ 61 KB
61 KB 478ms
468ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/ban-cung.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d748a7780ad4718cc34e8fa177ad0b9cddf64a0d106d4fc8ff40df51891c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:02:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "02bd39dbe3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 62752

GET
H2 200 ban-sung.png
bongdaplus.vn/img/sg31-games/ 58 KB
58 KB 479ms
468ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/ban-sung.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d5465f63253cc001e8237f3bc77e74c4a6321fa19e0c9f7f4cf879a7595aebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:01:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "088f18bbe3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 59406

GET
H2 200 billard.png
bongdaplus.vn/img/sg31-games/ 59 KB
59 KB 479ms
469ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/billard.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39ee71f05150c53a8511411e4878bf30cfced16c6e0f5a51794fe40ca5886274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:18:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0237ed0c03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 60609

GET
H2 200 boi-loi.png
bongdaplus.vn/img/sg31-games/ 56 KB
56 KB 480ms
469ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/boi-loi.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82303473e3c990acccc11d4bbdd6f0d9a5debdeb9d9717074bbab023d5164cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:33:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0e38ce6c23ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 57306

GET
H2 200 bong-ban.png
bongdaplus.vn/img/sg31-games/ 61 KB
61 KB 480ms
470ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/bong-ban.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4d11136fe675c8b5f7c4d9702eb08c13349d3e441c65c6373d07798823dd8a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:44:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0d4d7dc43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 62034

GET
H2 200 bong-chuyen.png
bongdaplus.vn/img/sg31-games/ 66 KB
66 KB 481ms
471ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/bong-chuyen.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 768677966f6b20ae9277176c55d6142241d084bf03fcf00e38820b415e6b3981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:50:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0898446c53ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 67456

GET
H2 200 bong-da.png
bongdaplus.vn/img/sg31-games/ 50 KB
50 KB 700ms
691ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/bong-da.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f32cf2bda124e2ae84d14dfeee3ae15a41f45797cafb30253a1b30375346e23f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 13:59:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a2842be3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 51226

GET
H2 200 bong-nem.png
bongdaplus.vn/img/sg31-games/ 69 KB
69 KB 701ms
692ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/bong-nem.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e221305ae28c6a194cbc72d3555dfb5cc4e0a4da5205a0295d004d68bacfca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:47:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0c2a5f6c43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 70726

GET
H2 200 bong-ro.png
bongdaplus.vn/img/sg31-games/ 58 KB
59 KB 702ms
693ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/bong-ro.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d82e79f001a8e94fe29d762e62e6cb4297738e3a9f5373e74248630a360fa0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:15:44 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a8da7bc03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 59831

GET
H2 200 bowling.png
bongdaplus.vn/img/sg31-games/ 56 KB
56 KB 703ms
694ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/bowling.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a4e05606b9ebdfed1222f72aba2bf464fb426c565c04f95db25e31f275872cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:16:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0c16c9ec03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 57703

GET
H2 200 boxing.png
bongdaplus.vn/img/sg31-games/ 61 KB
61 KB 705ms
696ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/boxing.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0adfe08302c6aca5a6134a34b1fe705d888f08a12a4d4aa3102c9c07a08d825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:43:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0cc5e4dc43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 62466

GET
H2 200 cau-long.png
bongdaplus.vn/img/sg31-games/ 71 KB
71 KB 708ms
699ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/cau-long.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 55b29652aff63528d8418d2d54265fbb0662fc581f2c786a6da062e8daf30103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
last-modified: Wed, 23 Mar 2022 14:41:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "02ff512c43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 72738

GET
H2 200 cau-may.png
bongdaplus.vn/img/sg31-games/ 61 KB
61 KB 709ms
700ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/cau-may.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d8d79b7f6c7888019b2fc878d9cafaa8b32a99d72ac2f33f1cf3d1b693efe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:16:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "04bbc8dc03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 62376

GET
H2 200 co-tuong.png
bongdaplus.vn/img/sg31-games/ 75 KB
75 KB 710ms
701ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/co-tuong.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f1abb286d1717fdf74dde53c804db0e079607143466de5a8873782d973a9965c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:51:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "09f5a7dc53ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 77134

GET
H2 200 co-vua.png
bongdaplus.vn/img/sg31-games/ 60 KB
60 KB 710ms
702ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/co-vua.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f9047b80e8f427e88ee89204e2425aacb25d3916a00faa2a536e328fcafec318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:52:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0423c8fc53ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 61780

GET
H2 200 cu-ta.png
bongdaplus.vn/img/sg31-games/ 56 KB
56 KB 918ms
910ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/cu-ta.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b6cf400994136752808f6b55a50068d1743f1b38409f349504b55adbea3e5511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:20:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0af418c13ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 57159

GET
H2 200 dance-sport.png
bongdaplus.vn/img/sg31-games/ 56 KB
56 KB 923ms
915ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/dance-sport.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2a8280fc86d184a0864eb033ea1b563a8f0e238b52d51c3c604c901b9fc7343e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:10:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "06cd0aebf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 57235

GET
H2 200 dau-kiem.png
bongdaplus.vn/img/sg31-games/ 45 KB
45 KB 924ms
916ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/dau-kiem.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d2aba43b2f7dc73a8f138c5b6f2380b61a1ce4d706c1b625e896b9c909083555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:11:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0474eddbf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 46038

GET
H2 200 dien-kinh.png
bongdaplus.vn/img/sg31-games/ 63 KB
63 KB 925ms
917ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/dien-kinh.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec67132e5c9bf3970bb1fd7ff7d1af523ef919c33a0aad70bf3076aff2e5e89d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:00:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "09c906abe3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 64649

GET
H2 200 esport.png
bongdaplus.vn/img/sg31-games/ 66 KB
66 KB 926ms
918ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/esport.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 35c97e4cca560f7c02ee0447ec25b97f0a04ceb1271829f9f037222530c0792b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:17:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0f98bbc03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 67543

GET
H2 200 futsal.png
bongdaplus.vn/img/sg31-games/ 63 KB
63 KB 927ms
919ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/futsal.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 226da9f48ebc9864e8b739b01e030df91f4719e6848913a53ee56fd0598e6f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:45:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "07433a3c43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 64438

GET
H2 200 golf.png
bongdaplus.vn/img/sg31-games/ 63 KB
63 KB 928ms
921ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/golf.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d20b4da129f642804459f05f5a0b911d92c3257796e9e77d51e3fad52d17e5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:42:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0b3cc2ac43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 64635

GET
H2 200 judo.png
bongdaplus.vn/img/sg31-games/ 51 KB
51 KB 929ms
921ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/judo.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 242a54d4a8bd00e2f1068568a9d678b6079a32d04deb018459c6897723c402f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:12:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "052b9f8bf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 52332

GET
H2 200 jujitsu.png
bongdaplus.vn/img/sg31-games/ 55 KB
55 KB 929ms
922ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/jujitsu.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bb3a0b14d2820bcc0d3ebb3aaa6164286aa6bcdee11adf95905e76a75d9fd274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:10:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0b54fbebf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 56376

GET
H2 404 karatedo.png
bongdaplus.vn/img/sg31-games/ 1 KB
1 KB 930ms
923ms Image
text/html 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/karatedo.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 200 kayak.png
bongdaplus.vn/img/sg31-games/ 66 KB
66 KB 931ms
924ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/kayak.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ee0b4a263c36dbbfa3074ac082822dfb8edbdb4aeaaa3b0c39b755ead4bf3110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:47:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0e46bdcc43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 67308

GET
H2 404 kick-boxing.png
bongdaplus.vn/img/sg31-games/ 1 KB
1 KB 931ms
924ms Image
text/html 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/kick-boxing.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 200 kurrash.png
bongdaplus.vn/img/sg31-games/ 70 KB
70 KB 932ms
925ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/kurrash.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d64ede886a459dc3475ba66135c45fba44d7d68e9a0ecc161af98f1087090822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:12:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "030f312c03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 71486

GET
H2 200 lan.png
bongdaplus.vn/img/sg31-games/ 54 KB
54 KB 932ms
926ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/lan.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aa8cc6a5990d8b1b22a60cce1a006516706feaefdc09e5db8d94f41e85097be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:33:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0866ef8c23ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 55437

GET
H2 404 muay.png
bongdaplus.vn/img/sg31-games/ 1 KB
1 KB 933ms
927ms Image
text/html 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/muay.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 200 nhay-cau.png
bongdaplus.vn/img/sg31-games/ 54 KB
54 KB 934ms
927ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/nhay-cau.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1145a041a43236c0d117e84adfab62d062938676efefd7288201219fb3c8e680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:34:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0bea15c33ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 55668

GET
H2 200 pencak-silat.png
bongdaplus.vn/img/sg31-games/ 54 KB
54 KB 935ms
929ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/pencak-silat.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e5390516c1911fd1e0621b9736946759a56f0d0cff9671e5d4fa2aa11e80b846

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:08:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "018e683bf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 55652

GET
H2 200 taekwondo.png
bongdaplus.vn/img/sg31-games/ 45 KB
45 KB 935ms
930ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/taekwondo.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d8d5648a9f1b36dd14faf9950380d6cc10fdb4434ef137af8a1b2032660dc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:07:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0d22260bf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 46271

GET
H2 200 tennis.png
bongdaplus.vn/img/sg31-games/ 69 KB
70 KB 936ms
930ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/tennis.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b21a27575a54a68c3c294d2be79283d07127f078d53e694281de9d2e3929124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:41:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "013a74c43ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 71142

GET
H2 200 the-duc-dung-cu.png
bongdaplus.vn/img/sg31-games/ 52 KB
52 KB 936ms
931ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/the-duc-dung-cu.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5574bf574baf4cd30f7d688072fe81de2ca3d4ae41a552e95597feae9eb1689d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:38:38 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "06bd2aec33ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 52947

GET
H2 200 the-duc-nghe-thuat.png
bongdaplus.vn/img/sg31-games/ 52 KB
53 KB 937ms
932ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/the-duc-nghe-thuat.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d06bb96a2fa14b24dc3007fa87dc1cbd3031fdc6baca346081f57614568482ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:38:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "09bbf9bc33ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 53749

GET
H2 200 the-hinh.png
bongdaplus.vn/img/sg31-games/ 61 KB
61 KB 938ms
933ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/the-hinh.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4bd5260ea90808ac18a3ffde781c62f61e4c398b42d8d26e0a580a07f1db7834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:18:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0129bddc03ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 62594

GET
H2 200 vat.png
bongdaplus.vn/img/sg31-games/ 51 KB
51 KB 939ms
934ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/vat.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e536a158a9991e43e482c7b26796cb761f79a9e9fdf23c1274f8b9c30caecaa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:09:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "07391bf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 52507

GET
H2 200 vovinam.png
bongdaplus.vn/img/sg31-games/ 55 KB
56 KB 940ms
935ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/vovinam.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b570ff0b65addb8846c8058012feebb8042ed02092ba8ccf8c104a9947899203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:09:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "023519fbf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 56755

GET
H2 200 wushu.png
bongdaplus.vn/img/sg31-games/ 59 KB
59 KB 1145ms
1141ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/wushu.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fc375e5895482c998a5d2df369d3e4fa035e4d5df110a75bf343da53d713ace7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:08:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0c13f6dbf3ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 60042

GET
H2 200 xe-dap.png
bongdaplus.vn/img/sg31-games/ 63 KB
63 KB 1147ms
1142ms Image
image/png 42.117.1.227
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bongdaplus.vn/img/sg31-games/xe-dap.png
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.117.1.227 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7e2cce7f73bc3f83060d91ca36fd92c07d5ecab40efa798a00e7526aa1e2e972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
last-modified: Wed, 23 Mar 2022 14:49:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "032de2fc53ed81:0"
content-type: image/png
cache-control: no-cache,public,max-age=31536000
accept-ranges: bytes
content-length: 64425

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5ED0 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:02 GMT

GET
DATA 200
OK truncated
/ Frame 9868 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 261075f38268ed40d6f8f02ea07b25a81975243b44f6a66f54b4af6749beae01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9A6A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4ad7e9484f6692604b3f655fbaea24510d150f8711629b400e3df608e8ee587

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame C995 13 KB
13 KB 29ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90001.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 364870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:24:52 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame C995 13 KB
13 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90001.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 462082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 16:24:40 GMT

GET
DATA 200
OK truncated
/ Frame 312F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1fd7e40db07cda820fb7de71f1d901dff4dea6b042433d39277ce581962fd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EB3E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d60e74c119ae8e90c0d9b9937eaa88ab56782bc9acaa597d0e972e872c8bf87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 43B8 13 KB
13 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 364870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:24:52 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 43B8 13 KB
13 KB 26ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 462082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 16:24:40 GMT

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 0BD7 0
150 B 26ms
12ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=78214100005187700757589012066006&a=0ff6f678&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 0BD7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D652 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6MWDBAEWRb3vrYo8Bis0YykIqNoXt9Mnpc5M9UJEwZ0CA85Idd90ud8WArXj4WZgQ9qU2mkXqrjF7KQ2JYOIf0SphXqFgXPqeiAa9RUFpbelegtWIwNgpXFCQPt_ZBVq9fuqVSuw&sai=AMfl-YRonLMCj3rCDIVW2rFWmAWCzQzEa1XPHp-rrawpN1BuCHFvNO0t9d-tzu44F6TfNLwZFLCaVy5LXFUpCJ7H5t7Lxju1uBB9RiOYqUnydrgjaepfHfFRWblhIMORBetU&sig=Cg0ArKJSzKbQXO43l2WsEAE&cid=CAASKORoVjinLopX1Mntx5fgghY26MTbrSCcXPuSPaBbmnXGpgsUYmq2oUw&id=lidar2&mcvt=1114&p=120,79,160,120&mtos=1114,1114,1114,1114,1114&tos=1114,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3219569482&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661733960729&rpt=323&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB4C 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCLhMaB0PCYAorjqS5gKtPMyv6UVb_0WsDKGGlzYCWFGpSSdKoEqYBBA33m99pFtIVNnn8KizW9o2gQcqx-UDaInrd9YJSrPdpVwcyf7BOeZyZzCWL5skM1-I7w3evP6HyaHTdnIw&sai=AMfl-YT5qPZ_YSD7ORiHuff0tl7S3qXCQ2L317bXH9bXx9BYWiGKP1kIlUN9bZfklqoCzI4V7daOxoFYsEn873cANQE2o_VfLd-HBjBe_TVEwjZ4HgEvmr7YACIghfn0zQgM&sig=Cg0ArKJSzDkKt8hjl6QxEAE&cid=CAASKORogClGphZV7TcTEMBIq3z-x2VSAT7lH65aM50o7E6YLA9OUloER0s&id=lidar2&mcvt=1116&p=120,1559,160,1600&mtos=1116,1116,1116,1116,1116&tos=1116,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3565502267&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661733960732&rpt=359&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 86F0 98 KB
98 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:44:38 GMT
x-content-type-options: nosniff
age: 84
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 00:59:38 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 86F0 57 KB
57 KB 9ms
8ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:03 GMT
x-content-type-options: nosniff
age: 59
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 01:00:03 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 67ED 98 KB
98 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:44:38 GMT
x-content-type-options: nosniff
age: 84
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 00:59:38 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 67ED 57 KB
57 KB 11ms
10ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:03 GMT
x-content-type-options: nosniff
age: 59
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 01:00:03 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 5ED0 98 KB
98 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:44:38 GMT
x-content-type-options: nosniff
age: 84
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 00:59:38 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 5ED0 57 KB
57 KB 14ms
13ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:45:03 GMT
x-content-type-options: nosniff
age: 59
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 01:00:03 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame CB7F 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900025.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 364870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:24:52 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame CB7F 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900025.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 462082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 16:24:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 89ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bongdaplus.vn&callback=_gfp_s_&client=ca-pub-5230701648443988&cookie=ID%3Dea40787c55c69d63-225cb19e0ace006b%3AT%3D1661733960%3AS%3DALNI_Ma2-t7MnWOjS1c_Rg1UIYlq5cUN9w

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5230701648443988&plah=bongdaplus.vn&bust=31069108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bongdaplus.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bongdaplus.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&tn=DIV&id=ub-left-ad&cls=ub-left-ad&ign=false&pw=1600&ph=1200&x=0&y=139.2

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44FE 0
16 B 115ms
115ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5230701648443988&output=html&adk=1812271804&adf=3025194257&lmt=1661733962&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661733962099&bpp=1&bdt=4859&idt=372&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dea40787c55c69d63-225cb19e0ace006b%3AT%3D1661733960%3AS%3DALNI_Ma2-t7MnWOjS1c_Rg1UIYlq5cUN9w&nras=1&correlator=8594868465618&frm=20&pv=2&ga_vid=1419012330.1661733957&ga_sid=1661733960&ga_hid=1119592781&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44768832%2C31069108%2C21065724%2C31064018&oid=2&pvsid=1105031247096242&tmod=399087720&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=10&uci=a!a&fsb=1&dtd=389

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0E1 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7FjlSAwMY-qWM63G7_UPubUIAAAAADgB4AQC&bg=!CwilCEzNAAYUOm8VNDo7ACkAdvg8WjDXqXM0BUzrbMK5zAYFioxxW1UrdIvSIYyBiTLZk5amBHwWVQIAAAOBUgAAAAJoAQcKAFlLn3qLidr-8OvOYJOQzVWiulV-eIsfV4Qo03ZazgkabtDcBoPv89ScaScwOj_T8ndD7RvCLeihKs6Tz1KxdqX8ngMYQuryqfHNQ-Ej5jP8V1Z4nPVtEquFd5kDJin7Qc7y8BPlFNpH8roJYcLFoToiwFowRHLO85vNuV1_4T6FO-cjg4efYe7hSGucO6F6t8jsOXpbt0TMHQHFzAEYI27LRTF2vL62cd3ec06N06wsudRYm8rgR_O6Ek0hgvSvlEWVzvLahjQNmFYYTmtlQeQ7DCw-Fidlu7l8GbUPnsJswuf2poaVktnDezjj1DHs_a9db16Ncn8W2FLyLefvtC1ACpUw8oMUsy3ZUaCavVJMFWjS0ttJLG9J_IoD4BISFIlPWE_MSdUVEevnttKynwn6vFCf9GQvlnrKptoXV3JNIi76-DlCrOxxfHQR4q8RC-PGUsla8IqcctJhnfxSbUKFbVoPMCM-gf-Z7LURY8A_Six0lL4BwTc0WV2J4gxRfpgIlcHFQfwuiQmwPhxRNgIXgydQWRhOacmCU1e5hpu_twumlSt1aK7TRdcT8MsdTUwiv4Bj2HotQWvYY5lR-jWSoLl71LXsbXxiQV-JRRdRQn8sx5kwafrGfgHWcqQPQTRyR6hDCajt1BNsP8eHez594iuys3RCaQJZHiXtpja7iBVQr1RGwOoSvtC4BtYaxBODHrHTDB_LW8fYHqRPxzprRfJO8qQ120kxZickUbyNbRHFH2akQmMbjQvklQZ_9Ce-NCdwRwaHCOaTh-qtbgO2KilOol0PtNnZ73Vj2S26MowkqUcZNB4HQStFd3taqlQwnLYpbDWqC9MKFu3BjeCd7uQ4UEIlxEFKYpDwDfMWplkxSJikL39KOmWWDRi3e81kBRuh6NZC4ZACAlZege0a7a8L6Q3VJjh7MzhzeclsVCElw-3xDFAkDMyLH4D0eF_rww_8w7imdcQDbDiOJWng2txDCC0zNrH0Z9tKeACkiJmhqsdXbY7ltkqW8EUXd-7aUllKFRylyoOF2YU8vBeKr0DDOll_q34OxVu6qBhoxuR98eD5SG58Z8mDdMKjixiwtysjWQkY8K3HMqH57VC55JENZsqOyLZ_yvkkZkvuUDeAEVGuUpeQExZLYfRs3YO7JUSSy9maGlFvDqa7YLW4lEIkCleCs9vToHDVH8UQbiOS

Requested by

Host: 5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
URL: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69C5 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwrjZSAwMY46_M9aWx_AP57qEkAMAAAAAOAHgBAI&bg=!v7ylvPjNAAYUOm8VNDo7ACkAdvg8WuBAu5Ob9asMxAPdF3lRWdIQ0WDJd469NcFll1zPUg9dteK9UgIAAAN-UgAAAAJoAQeZAzCjbq8DG61S87_j1GFdCm6qCkVYAtPGvLAsNYYqtM01--O-DIany1YubcHQ0vvjFevYvU06SH0FyMHpIX1jtfs15d83z2RMMFAcYWV9fuQR82WYigMC8QLw2DOQ08m526bKS7iPAtoUi0jXWA4Rxe0R3TXBLW6KimqNPPCH1BvtG4Oqy_hUrKUWn2DjFrty5pxgfQ7SZ6yo8dbqMQqbACDEOUFQWfpyM-dMG_ucjjKJOy4jrgg6DBP9wDD7KyyrwCgjVx99jJdIDk1boUwJJ3gsiSL0EnwYMWcUm3Zh4z-GrsEjo3e0MWrlj6IV0-UxKGkQeZC-kXlys-0bLP82cimXZK1gtbsSeXeFkyA02XK4LuP5wx9zzrxZpNlhDJVoADhoiqEGk7QQwfY4BM4e7IvJLtXkxr7tERLELBjc_-Jfn0ln03t15-ocNyu1ftyrqQeQzckuODacyimeNPFMZ5o5m41NJbw0--840uTUVBQGiBAFky1iSAlYDf_yVKc9bQ68DUSktPU52cESknqvFY1LsxYsza06B1isUXOqvTfJsnDOak9Cp4ZuBC1h-H-vR31RTAK5hgun3CyIWqcXuXadGYyQom0sdrqLbwnRAM3YEZ4TIi07AEOiRf03dZLaFKikF8_FXPrTtGSc8wYVsDc1AjP3BpmOma6eakUiV5xZwXAR_5caLLYUXC-i4yTXh9Hnzy_Gf8IU8pe6C9w6YkfjACLdlt9DV1oWktAs3wFuCfSDz9hB4Z9L7vFPA5ebCThyg_99KVZi0Ke9GWA06r2ul3mfuu9IGaT6FpIIgOsAtpWLtg9QVDrXCihVNmNXSkDG1c-mSjtAWjJ8FnuwJXFdhnkQPNyxtrqzgPKwbO-3jr94cluA750Q_riQdLAZR0CpR2YuQlsgPRGRS2wGRE2j1zzjwhSqkndzHtIdTFQHyFyirP0eWDiw3vaSD68YwY-l05z-4dwQ3wbXZW7xqaS8E9lqv_e6fWsWvPH4W6PnMtPPnrm5bzTyIvEQR-XXU7AgRH8GVqlUBhgr2VXIDkuyM9EYuK4wXiUuh90gs9X0oRWfZRjTbNgkmQULHQfxzp8

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 245D 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrLxISAwMY6jINMC49u8Plq6GuAgAAAAAOAHgBAI&bg=!JySlJGDNAAYUOm8VNDo7ACkAdvg8WgqDjXuVl175Uwms9mehZC3dqAiEBRqQZ_ZNPszvfpFY0Ja-1AIAAANoUgAAAAJoAQcKAAkd5kL3EZoe1ZeZAxUoqKwkm_48WcRBdYZRg7d9mq1c7It5eYzE6O_vhLY_TC7EOJvLKEn4aTICEWIApHIdLGtFCOsg-f3oKb2mf1zkNiCtP8kihuRkmKxPS-Y059Y7eq3qSnSyBCbFNpUI0nNEEGQ6L-RYpd81HC8rxY51BySnYPCX1D9ewNfzN8JbGvH10QEBco8ul81ECjbDSoYtStB9iSz6BShHeLr-Et9zjGskHZ8m0IO7YayyHEl-6o8Zv6x-x74qFtG4FK1-QthgijWsgahzPCmkOZl1R3cKf1X5MsCceWOBlbGnXLDdbPPy33127GE7dtqJ41bLl355_8AXEtrdsLDDUDIunk78MRlfpM-TSSJqrX0ehsdwwy2vBTYwgj_qNE2IjkHCSoTouDFovlSImRTv5TRvjLUoqsRIbjSDIDGp61aqCCnaZFUPMrlNV7zxN3ECislGZAaMzNcpcJ4dV0O7VebAu4rbqifHz7yjtXqXKUba81pZS4p40j2nUUuTbTkxZp4k7eFzp0H64PwfjLlACwSDy3M8tIxzq1-4ZwrxlmlJeAb1cONhh-8eFlWSemG6XAnocCamYvdCxPnDJYs4WoconeUdnqGb5uR2ciP2gRO3yLyFl9gId4fUj7YDEFxOTTbmDUNd5M71B_0DEWu3tirUTjp32cEzVtvFb-d-gKOnEASjhT0_6iIG1TWBWqvch6cZcSCWuDyKVwnxeBjmTGObET_5bWMGbeUUBdKxbtb5QBfL--ifplVAB0ybtmkLoEqKZW7xPo94mzrI-dADpREi74wOKpi0FYoayqo9Cw8AqY52uPgN0c7B8LkQPXDviLu3cyGJWfMsz7cCKCMx8GzlhrbFnn6Fc6pfujNHygrLGgnrVci1RuNcaGflpZTkKSQPSDSKqk7p2Ibjq5paUUqrhynbq91hPsgDg4h42GyMcyWUgrA6KBJQqtCwe3rkMkyq28wD0qcvLGuaaqVtQ8zhbQQfB8CyDrbhPLcwpMy9Rsw6Wjz9uv1qHR4uc_sqWoW5R3fNmtQ612AN1yPzdmClIXld9Xp26ts

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame F67B 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4384 0
39 B 14ms
13ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32326580&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-length: 0

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3341 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9018 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A3B 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYjUHSAwMY-yxNLr87_UPz-e8kAIAAAAAOAHgBAI&bg=!0NOl05fNAAYUOm8VNDo7ACkAdvg8WuG0pMI4hRPRQHXgTkXUDa3Ru4FNU9i-kogK6tcycnqJMsTS9wIAAANvUgAAAAJoAQeZAyc_IPMhdL8Uq8UFaUpshSSHfnE-ej6cobjSJvWCy7p5bpuZrvfai4jHcYCcyFrPoPvLfl3pkz8UpJTNqCfjeaEuQOoDXeCkVLkivqjMGUCDhlNyVXHe0ZOua1OjM9bN7Sd-cqohEHkso3A5VLvjvtAUO_PHRzNgvf_-3gZyEjIZFwKJ2lE_nd4UNSGyRMhmgFlo57nJ6M940JM0Gl3WSjHmRmtVouDUHW_K9Ddd2PKv29O_BxCSgohPgdYh0j3F6VCWaBFFOK3XiIA4T1mjm6bDty7QaIB9Fq8MBKRcZjjZbmU8fPk1WLywi35L_BgBcGQKQk6VyHg8reRx25RLiiZjtRUiWomEX6Xdn9ov4BbcPO2myaL2PQFw0YbyYQNdyvL_-sTOFPvrbe4Sfs7wLhDMqO25Gz-SncADFEnXIWotfePKRrN7B_qg5tTwOLqJnVsdhxGBRkbvSYUyLUtHVIZmddW087Dn2By23BCOam-hCxO9UNMqpXiJPD64KcnfZCERrSHCV6-E9i_Tw41eyvbf5TN0Hi7MyxPnucOH5f9C2VnSxMT39LqeVUTmrgzryXUUG2oAjmi8QgpR7VnpVvXbkmrlNyjAsCQH-EVrK3H4OQ7IXd9-SteRg9kd2yW-0nP5IbGGq5J40dg-olUZGUQXPVse42_Ypo_2FZeaVUiE_5-qYAk9tNC-Xkjon60n01nIP09FVXtRBobSjOcYXP9mrG2-QmG7McF2jBNQBpBtIqrgXvicC152k9ndENsxqMXkUcyLCeA8svPc5R8Gxq4b0x5wiOgxqI89uERdBuGdzOyiKuhxvFOUQCNBdu-C0kR39q-OqHp8nad_AHbc3ybJNR-GOniqNPNreCZjWqVl3FMfSNl01IK82gxz2rtNied-7BlvNwrCOEErT7Lpity-Iw7L10OlBedz31NQLIMm867C24uWe-PB-xaqIMwKFFXGjJfOfcQSNqUXvw11YWIrYk_MYsdXCR6kyQ1tT43AIceX0jCHQH1EdUBvXT4S97TkizeWP_AYf9kMq0EuxG8n4LD8vVHWKTZWDILy8M1Cz-kvy1Wn-P4

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 persist.js Show response
static.amcdn.vn/core/ Frame 3967 26 KB
8 KB 1272ms
520ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/core/persist.js
Requested by: Host: lg1.logging.admicro.vn
URL: https://lg1.logging.admicro.vn/_tracking1.gif?dg=b7ba1c1e4c54b4a41c44986e6dd206e7&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=bongdaplus.vn&cat=&g=0&i=s%3B1661733961229%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B1%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3Bb7ba1c1e4c54b4a41c44986e6dd206e7%3BGA1.1.1419012330.1661733957%3B-1661733956173%3B244%3B465%3B355%3B230%3B0%3B-1661733956173%3B-1661733956173&rdm=0.750710073728313&p=%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&r=&ce=1&lc=&cr=&ui=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lg1.logging.admicro.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 06:49:30 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Mon, 29 Aug 2022 00:56:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AEA 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLzQtSAwMY6OQNMeQ7_UPzsGzyAwAAAAAOAHgBAI&bg=!o6CloOTNAAYUOm8VNDo7ACkAdvg8WuZC_gEP-pmX6_zyqNnKlBIk11tqXzgR8QeigLQC-R-xSQubBwIAAAOuUgAAAAFoAQeZAzaCspr62Qw4zEad-D41DD-nnXaIOOXPI_ZRM7X_k23au8BlHck19T8f2jhSLGbaM28Aju6-Je1xuja-d8h7_L8LfLSYV4XKf258GYlrx1mZhhbiTOZfBb9M2EfGGipv9jY09mcagEmrnB3ZyVA5G8Ec2lL-HDX3933efu_IogFMVNXNWF5As2D2Slj5Z-Kju5yc-hamtu55bnNGa1k4u9IGXq98ZjXx-zP6UchMqpaxw3WMJbqXe1lYCDDvKQZOkev8VKhl0MpK9SENLOTpKFotxvAuZGvcIrFS7ziUd85U5QcMAkUBEILQxg5OqLjXyftqrNLxA39XAyL9b409VYCmS2rIxGam4pD9Kjm5CSJMSCSazXU1V-jt9dzpUP4utmnQBhIUkU8tpKs2rBIH9OuXDX1wq72ms2DjzP5wCtadlBc4ro0sXabV3EN8XKYxzUbB2Nnt7_l8ELXGqt5EwznbpPPnGEibpSg5xhF4yPODtq4M8zEmUrSlwDYVtuJBPBpWI4xFZ0qjS63CZ-u-cwe-5otVg-IQ-gVYDWOz3C7XjcURFXpcxgJJmS3eIZ74oWSGdCRZX5uQkJJ8xtX3SPvXmTnAa4o9yji3kqysr0i3uvGVEs1NyzOeuXe74VhMgqc1Zn1niHiH0QPThh3bu9-K_UtEBtPdAq_26Ob33czDdsBIwpXmP9UktHInX5ipCqEfNUAnjv1hzB7HlNRh6peZODahG7SGaUSrtceGwrLdoucWCm5dz8x79YqiAcHbZzJ6-1AHnWZYK-lBgxN0bKjZu-8f9R9cw3ds5qb4K0pljjok-EqCMPu1JYw4TJjEWbDhxpnl0tyDHstv3DFSCN-UM0xVl09KHzI7Mw5xcLvJ5HWZuF082lFGzNjLE5aErI7W2cC0UAHzPwioswjdEZzFZVZDP88romX1g8AldAhw2yFf5PvhioI6ZJJICd5c-4AAiUwhX0MBzTxUfJfBqo_T4CzJEHvatT2I03j7_Zk8vI1mUYHtZ5FawFhP4l5WKZ6P0Z8FUtWP66jVtYMIoUSwBdRc6iU0IsamLj5e12xDg8b3nRouNQypdREoRs6zhZZ2QSOrvyI

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame 86F0 45 KB
45 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d1432f818ce537e575b7808c6df7cec1a9137a78251d477e347a3982c1adc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 08:45:50 GMT
x-content-type-options: nosniff
age: 57612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45596
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 08:45:50 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 86F0 35 KB
35 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:19:21 GMT
x-content-type-options: nosniff
age: 41201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 13:19:21 GMT

GET
H3 200 lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png
s0.2mdn.net/4528404/ Frame 67ED 157 KB
157 KB 23ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c095218a41f63c1fc5a108346fa31503577aa41fc00a9fb99bcd6e942b2ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 17:05:14 GMT
x-content-type-options: nosniff
age: 27648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160522
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 09:10:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 17:05:14 GMT

GET
H3 200 lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame 67ED 29 KB
29 KB 22ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:06:11 GMT
x-content-type-options: nosniff
age: 63591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:03:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:06:11 GMT

GET
H3 200 l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame 5ED0 45 KB
45 KB 66ms
65ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d1432f818ce537e575b7808c6df7cec1a9137a78251d477e347a3982c1adc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 08:45:50 GMT
x-content-type-options: nosniff
age: 57612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45596
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 08:45:50 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 5ED0 35 KB
35 KB 66ms
66ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:19:21 GMT
x-content-type-options: nosniff
age: 41201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 13:19:21 GMT

GET
H2 200 adm-tracking.js Show response
adi.admicro.vn/adt/cpc/tvcads/files/js/core/ 2 KB
972 B 209ms
205ms Script
application/javascript 42.112.37.35
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/files/js/core/adm-tracking.js?v=0.3562631347985834

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.112.37.35 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

VCCloud CDN / 563.1916910fb4f3b188f0272f680f421a56 /

Resource Hash

0f0fb4b01ebe72db6ad4251b31d6849c51c5423ec62042a77923c876b0341d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 28 Aug 2022 11:01:16 GMT
server: VCCloud CDN / 563.1916910fb4f3b188f0272f680f421a56
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0506 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B01tTSAwMY9eSNfid9u8PgvatyAIAAAAAOAHgBAI&bg=!7O-l76vNAAYUOm8VNDo7ACkAdvg8WmUUQq-5xPVFA0B69gSV8_pFsA4LCTPXCCMqKO743hr4-EW0eQIAAANmUgAAAAJoAQcKAEs9dcbvd-wwn0X884UysceAnTQ8KFarnn5SNk2AbwxPiGVvIl6wfSDOn_BGRr8s4oYY4Qj0H85_qlJQ8Vlx-11RJDSJNp8-uLIUthiZAypUEhP5-5PYzZvs4MmMYqIEK5wVWPmYEjYn1xTe2_bITbaLbGL12zoI_bVh4Xt5l3Kqw7Vg23CpqK8s2znvqKpwlK-EnZErKWSBsIa_hPEjC-IbSjzUOHP1JQdkDWocZJnYKVgLjj5TS2rn1-uwQaE5Prf0DMQr9aeIo_VAFKVhe-ZEiDdWLbax3LyPLI6CLZeUT3gUqaQxD-TJ7jOR0PGaZ5Ykyd0n0l9-xPcNNF5FBh6Fb8OfWPnl0Hy35SGCMb8Fbv543nysfH02T_DLb-McpQ8AMFN0y8wb-XF5ObLsqOLvv5NVEbiQHtOfjV20OqGcdoo2M1gI-4KJfgaROwgbalY6-b0d-KL_QKGOaAnCx5hU4GAX6BgLHstDaZqe4MFcWG1hMKiSk8cyxuJFgLt6b4x5-Hv8iNinxpy7FHkcFTuEgq2sFaxlWpgqOohUfSqHErPiH8eZ5xlQOddL81TjIlzaM4zWSpXWqV-oFiAuipqTZ9nk6oRRdD1olu98zQYrdgxMbCNuvhArbEhhUX440NbD1FOuC8TzcvYg-EXE4lIfYZf7HgD6VgTbtHyJw5YxMqrDkRbNZAVwSSm2fXJ7OS8eYKSRqtRo7AAEwn-v4K2fVx-a0pNUNLuMt8xKHjgVBYtu1vdBjAoyOldn178wu73EyxAEGQ9jXnlLvbT20ZW3jC_62SIuS3W4oanj6IiTFy3k-deSz8LrxvKICC78pU9JKPJz-MEZk5r6NaAMFgS8f0QQV8pEewn-kxBbBpxQfX7BqZrBievovOvrKH3fOMWxC8mnsQSyAx-j4UGE7akYUOuFzKX7blxrNDZWJ15C8DWHumW262igD38jXFuID5qnxNIFBSWM0ZTXdo3vZZ_GY1L7WWodCfSZ214waoZdc1Y2W8DTPuRHmiFl4xe4xG7px4GPEp6jFB_swCmjcsG2MNFMHictqsdGGFxYnSK709psmJOzHq8xLTU1gqg7s1TwEMd9uTWHJfeuW7ZO4tZnf562uGEQdMpVZAxXLKDeQvadPwrafIwwvRE0GGPwt-G7HPNgOlATr1gl7xotknjiyqLGjDYH1MM

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1043 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaVpCSAwMY5KhNcC6x_APjeqZoAMAAAAAOAHgBAI&bg=!CQqlCk7NAAYUOm8VNDo7ACkAdvg8WlX2pn3lbxXV_z8VcFuwa5tS1X_w7qd2CelbF0iwXEt92V5dKAIAAAMsUgAAAAJoAQeZAzoE7Rn8-r6Q-CEevGeCnd5PvtcKA2Wes79oquH7k3UP2GIFHKX99F5H8gUxGd2EMhSSw11qrobNcvospBi7HWxcjFxwbM2igYsd3sL9e4QPJUSrq7Q4eJEhDMQOMgQ3pn0SXBWS5yTsdfbkH8CnAULcsEQyyR9bpXdtJCu4SW6FJ3FwlP1Jufbl-Sb-2_RDQOhZF_JwVoIAOb09SC2AnlcEADZq3JZjQRVJXQk5oQNAoXCjwpnt6OgAzz3nJP2FNwwYEotQHc9uVUidk0dKEzsLoICM36kEP5AtZ-h04iFtNelxZ35Xz79rmItea_mTKXk-Mkzy7dAiwLuMHOuIKvcVNcgXdOuz6nsBTwOfE_YoZ0Yfgjhox6xieKiSROH4D7wmmyoZG5AROnuX_Swn1lT6oTLM8gXWaoeqQnp6JeGaK_ELUCrw7F_4c6l4pgmpuMfQXQqiCcUc5RdrfV7sOcQU-zMvpZmmDkjeT802EJ9iIskph_faPczj7WbA8BI8odVZmCfBjfsJ30Ad0im_Etv25WzXEyZPqSG7Uf79_wYX70M7SZgIJLJgH3oWkoAv8vPgckNA8dzKjdYQuJtE0g93Kl_WIg3ecUUQ36CZmGsgU4cJui7dPicwDarILG_TP5tN6f6MNJ0rsGSBs3me3GNB2cZlkkOVl6ef9pihlBJTKbP9rsM0l0ZmaKPvIZOeRzpEC_Y886qnZnc6-kkQ9owXcGcZm4o66gnC4NkD7Cwdsbx7f9fZAUF0FqwcQeLSyawvcOBjYG0izMhTR7mXfpoALUNyK1j7_AWg3pPA-lG5vpvtUrEv6RMpaQ3mLWQPEWm1gphoyXW1OWKQHzkkWJPWUJfCwqI4DAW5gFcUpWSO1hG6h7wL4Q6tn96Au1ub8PjmZR8xOU5oUt09DHXOfVx3LWhil4oNUj8cxg-lowGjTeVzMM7xka5oXPJ9yjtqctExE7pFtsqlQMlmcbDMqOiJxDMYvm6yF_Bqghd3ySco4N51jMSdYPjgFNCEXxWq9fpkAr8a7juEmgcIw2UNeirVduHsegZYWcgRukYllPdz_GY8lTedroUE2PWTSXKBwAZ-vDGrwquRgvnF

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1251 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFapzSAwMY8GYNb2W9u8PgL-OiAMAAAAAOAHgBAI&bg=!gYKlgsbNAAYUOm8VNDo7ACkAdvg8WvPKUgmpHAa69-E6yFx5eZ3PkHxQjcyQPMGjxNm9u2G-hUkiEAIAAAMCUgAAAAJoAQeZA0aR1ldHeuzKE1y3JfbzDB9vNs3Iq6dOGSlzeVfyfCgBNUE8rF-35lTF6figC0I00xouPXfO_b8qEdXL8btIYaMSLIEmMu7lnoOKbLUjJx4OALwfctmSM73wqRTgJcbzy5KWh1uExRQWG2qRWci5dFsnAex6Xb0hWTQvuamufqgJ7_Borq-fsb8V5m5ybOEgXknUQGXBDAo1cdqHYj2B9PbIBwAhgYcB8nkEp3tCPXkK2QH3s7ZS4WM266LPJKuVLAKGoyp6baPo2k_Fykp5K2XIuDzwbAZwSNdfr5Rj0ryifNJcIlTNO7sb38yZ6mYMbBPlOeEBEQjRuTdy5VU9nRsqTIgDym1UccoRWfF-fvL8k1JpLzXt4KjKtU-zGmDzRE7Ah-2UsW5XO9Q6oMNrswHYUWuvipZaFbpnXpiC33Bg12AOzQENpUUZHgiKqXFizMD-xZDSeaGCgR3ZiXO8XgjGUrNLmBxZ7YK6G9TGnqO_0mYoYQ593MV07IqHwaFq4WV8s9xyDuHG8TK4Mu-3KQd6eGAUlqUvQxPojrg7tGteOMKF94bTizS92E3AeDaB8aNsPEeZ4NFP0izKkgVjRtq6YXRvPljklxvnGg6HHqJIISAUpUgzzDM_T7pbM3rsXbEhAvXWhne15-rp7X-xCuH9-tzQfdSH2k6hElcZMljUFOLVP2GKIq3IcpfAT1djpSRmd6EU34ShNNNLV3nB49U_EzK4hcwOC3Iy4iTDnV2M9h3R5Zrv0Dr960Sox7nD5LE4FE02Bj5N_HBSTZUtYQ2Hmh8ICeNO8w0DslZeqvA-jPdsvw4-8ZHNN7Vv8vKEV3yAZ39SoozoF0AHxVXWoXlxBdPMh8LmGdID_pJ0ntSQC-vy1K8FXtQ1OjV1Rm_pQmXQmpYbw_mCX_CDIyKB-r75ujzIK0L1lK4SHvr8aCmoZvI2JkrAZOkNckRfJCQ0Ug2aceAChW8zYLPMCVw38vTkvi5qsSGERlOq2z56ouuIIopKdInDvV_EnrWjd1lmE-x4us0vJ3hf5c58zyUAup-z2wbeIfRhn7Vi5xdgQNH1yew2LIWEBOTfkRB3kuKc8ja-auYGQjlp7WUw5NIVYt6QHjzsnurL

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame 86F0 45 KB
45 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d1432f818ce537e575b7808c6df7cec1a9137a78251d477e347a3982c1adc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 08:45:50 GMT
x-content-type-options: nosniff
age: 57612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45596
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 08:45:50 GMT

GET
H3 200 lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png
s0.2mdn.net/4528404/ Frame 67ED 157 KB
157 KB 11ms
11ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lv_700x1605_2207-anf-s-liebe0963119f-6c90-4a07-8443-e783c7906658.png

Requested by

Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c095218a41f63c1fc5a108346fa31503577aa41fc00a9fb99bcd6e942b2ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 17:05:14 GMT
x-content-type-options: nosniff
age: 27648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160522
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 09:10:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 17:05:14 GMT

GET
H3 200 l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame 5ED0 45 KB
45 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d1432f818ce537e575b7808c6df7cec1a9137a78251d477e347a3982c1adc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 08:45:50 GMT
x-content-type-options: nosniff
age: 57612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45596
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 08:45:50 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 29ms
28ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=322171506365362&input_token&origin=1&redirect_uri=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a9d5aa629f2ec5743b97feb8a9678338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: oeyFsVdfxwm5BQ4ZdT66K0hYtrh1tCTvOsxd9IWFbYtGS1yq+AdoWlttaTvsNL2OrtuKa4xO15+LWSIaPXPgVg==
fb-s: unknown
date: Mon, 29 Aug 2022 00:46:03 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bongdaplus.vn
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 27ms
27ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a9d5aa629f2ec5743b97feb8a9678338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: A60wtafrc/2djvtFu36z0dTPH27H2sNPgkB/EknWdlLCCUXKrqHtqKylDQp5zHB4j4unhvJ33o38rejf0c8spg==
fb-s: unknown
date: Mon, 29 Aug 2022 00:46:03 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bongdaplus.vn
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
458 B 289ms
288ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&zid=ka3ek337&pli=ka3ek77e&cmpg=jofjk14v&items=ka3ek77o&cat=null&cov=2&pgid=1661733959664277231&uid=1661733959664277231
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 ssp
lg1.logging.admicro.vn/ 35 B
458 B 289ms
288ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ssp?td=0&ec=204&t=pc&oid=sspid_2013350&lsn=1661733961229&ce=1&lc=&cr=&ui=&uuid=
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9868 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIAmDZ0WKv-N-x__c84qECrtSypplS-QPL3gYOt7QUVgp8asI5jPGXWJLcxsqeD2CeK-k1-REC8JZJFP123j_8bNl5pPYjms-mMUiYVkBc454dkEiK6Tr3I3dRvQ&sai=AMfl-YQnMecxCtyM1L0vkZQ-zVNcX9pjUQV8PzHTWQ5PNN_b0U87l6kH7nYN7n2EkEDGBZs93YjwGBAnSu_VCSc7RSJoYAF8W4ys59oSCmZQJu0pnzjodjwuct5mgr98R1QQ&sig=Cg0ArKJSzNzFvEUTmLteEAE&cid=CAASKORoJHFtfBuo6-xWww-GF8BaNl4Wsoh13394ptNzu7madzvzbOI6ZO0&id=lidar2&mcvt=1188&p=0,0,250,300&mtos=1188,1188,1188,1188,1188&tos=1188,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3551364529&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661733960699&rpt=1015&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A885 281 B
573 B 31ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Aug 2022 00:46:03 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame EE26 2 KB
1 KB 38ms
13ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 512
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 74214478293e9b71-FRA
content-encoding: br
content-type: text/html
date: Mon, 29 Aug 2022 00:46:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thnSzVEbgQ5kB5byDaEH7%2FL293RXqMf4SU90E5L90IyZDvspdmlc8FplVkRols%2FR1s37UnJULzghIz3TQT%2F7Bgv8E6xd3UIZDF%2Fs%2BK5IDXc%2BPwBaRHepDvngmy2yoEn70uhVw5VQ%2BecUZU0C0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 62C7 15 KB
6 KB 8ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103531
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 00:46:03 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 30 Aug 2022 05:31:34 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 453C 52 KB
17 KB 43ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 71860
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 29 Aug 2022 00:46:03 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 924899
X-Served-By: cache-lga21935-LGA, cache-hhn4061-HHN
X-Timer: S1661733964.556829,VS0,VE0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 27A7 926 B
1 KB 52ms
15ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 250
CF-Cache-Status: HIT
CF-RAY: 742144784b7490ba-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 29 Aug 2022 00:46:03 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Mon, 29 Aug 2022 01:46:03 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 0BD7 0
150 B 22ms
8ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=78214100005187700757589012066006&a=0ff6f678&vb=v
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/request_content.php?s=78214100005187700757589012066006&a=583bdfce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EB3E 16 B
232 B 69ms
69ms Fetch
application/json 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 75ms
19ms Preflight 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 29 Aug 2022 00:46:03 GMT
server: nginx

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
200 B 306ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=loader.beforeDomContentLoaded&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.37&ab=0&ta=0&cb=5288173079349940
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 305ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=loader.afterDomContentLoaded&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.37&ab=0&ta=0&cb=5601589327927681
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 305ms
279ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=loader.init&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.37&ab=0&ta=0&cb=8986174976704335
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
51 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ3GKRX&l=gliaDataLayer&cb=166173

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/kib_bongdaplus_desktop

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4bc4b0a73c7880a721486b69750fe1290ae7f0cb4e83bf01b988522752794c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52148
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Aug 2022 00:46:03 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7
https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=f5bcb2ce-2733-11ed-9fdc-1365eaaf0206

0
588 B

13ms
13ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=f5bcb2ce-2733-11ed-9fdc-1365eaaf0206
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Mon, 29 Aug 2022 00:46:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 29 Aug 2022 00:46:03 GMT
Server: nginx
Location: /partner?source=283156&sync_limit=7&__user_check__=1&sync_id=f5bcb2ce-2733-11ed-9fdc-1365eaaf0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 6
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 301ms
279ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=loader.beforeDomContentLoaded&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.37&ab=0&ta=0&cb=7501983425140928
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 302ms
280ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=loader.afterDomContentLoaded&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.37&ab=0&ta=0&cb=3142020854065874.5
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 301ms
280ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=loader.init&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.37&ab=0&ta=0&cb=108447757766247.94
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A885 31 KB
10 KB 8ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31965
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Mon, 29 Aug 2022 09:38:48 GMT

GET
H2 200 mbongdaplus-KIB_catfish.js Show response
pub.lavanetwork.net/sites/bongdaplus_KIB/ Frame E8FF 2 KB
1 KB 287ms
284ms Script
application/javascript 123.30.139.122
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.lavanetwork.net/sites/bongdaplus_KIB/mbongdaplus-KIB_catfish.js
Requested by: Host: ads.novanet.vn
URL: https://ads.novanet.vn/Ad?ssl=true&v=1661733961923&ssl=true&zone=10484&url=https%3A%2F%2Fbongdaplus%2Evn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208%2Ehtml&host=bongdaplus%2Evn&ref=&hl=2&br=3&brver=104&osname=1&osver=0&width=300&height=250&time=923&h5e=true&nnc=null&cenable=true&newnnc=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.139.122 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 038e08cb8d62ec4242ffa022fdba6152be27483e9564139a8105374fb48d0ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.novanet.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 21:30:30 GMT
server: nginx
etag: W/"627c2af6-878"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recommender
rec.aiservice.vn/recengine/recgate/api/v1/ 0
0 833ms
291ms Image
application/json 14.225.10.11
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.aiservice.vn/recengine/recgate/api/v1/recommender?customerid=kenh14web&boxid=13&template=&limit=10&ce=1&lc=115&cr=1661733961&deviceid=2617339611365181740&dg=b7ba1c1e4c54b4a41c44986e6dd206e7&rd=0.06257274871649576
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.225.10.11 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 recommender
rec.aiservice.vn/recengine/recgate/api/v1/ 0
0 1069ms
528ms Image
application/json 14.225.10.11
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.aiservice.vn/recengine/recgate/api/v1/recommender?customerid=kenh14web&boxid=13&template=&limit=10&ce=1&lc=115&cr=1661733961&deviceid=2617339611365181740&dg=b7ba1c1e4c54b4a41c44986e6dd206e7&rd=0.7119373849199315
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.225.10.11 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 gliaplayer-dm.js Show response
player.gliacloud.com/p/embed/ 510 KB
149 KB 63ms
38ms Script
application/javascript 2606:4700:3038::6815:eb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/kib_bongdaplus_desktop
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578c6bc79bd9ecc88572010e207a5096fa2f5c4959c6eb3457f94a35b8cd7962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51938
cf-polished: origSize=521844
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
expires: Sun, 28 Aug 2022 13:46:07 GMT
last-modified: Sun, 28 Aug 2022 10:20:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXg3vQHohYUZxGravqUJVPgNWu8In%2BJXFnqqXGXp86SXDDWZb%2FuTUwZt06YL2iSrr%2BBXNBUP%2FUvqire6zjF3iZOtsdAE%2BayQdq2aF3PeEXkWPCtgWwPIv%2B7dOfL3%2BQYFUsZugToCMSxmumF5IA2xBC7y9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 8eb252859364b651116521ec4047c9d9
cache-control: public, max-age=86400
cf-ray: 74214479885d76f9-LHR
cf-bgj: minify

GET
H2 200 postscribe.min.js Show response
adi.admicro.vn/adt/banners/nam2015/3043/postscribe/ 17 KB
6 KB 205ms
205ms Script
application/javascript 42.112.37.35
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/banners/nam2015/3043/postscribe/postscribe.min.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.112.37.35 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

VCCloud CDN / 563.4478d7e6d0cb73219a9e0133a1ee5b1d /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 20:29:07 GMT
server: VCCloud CDN / 563.4478d7e6d0cb73219a9e0133a1ee5b1d
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame EE26 35 B
413 B 383ms
98ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:04 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 453C 0
737 B 7ms
7ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:03 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54ffb2b8-ff6a-4401-9e83-732d959b1076
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A885 284 B
536 B 57ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9A6A 16 B
232 B 73ms
72ms Fetch
application/json 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 20ms
20ms Preflight 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 29 Aug 2022 00:46:03 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7C7C 16 B
232 B 69ms
68ms Fetch
application/json 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 20ms
19ms Preflight 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 29 Aug 2022 00:46:03 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 312F 16 B
232 B 76ms
75ms Fetch
application/json 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-221-73.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 20ms
19ms Preflight 52.56.221.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 29 Aug 2022 00:46:03 GMT
server: nginx

GET
H3 200 gliaplayer-dm.css
player.gliacloud.com/p/embed/ 25 KB
5 KB 25ms
24ms Stylesheet
text/css 2606:4700:3038::6815:eb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.38b7
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e03fb927a1fe818ff67d26f201942028d3f9fa42264f04258b2fbf745e4b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51944
cf-polished: origSize=26303
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
expires: Mon, 29 Aug 2022 10:20:19 GMT
last-modified: Sun, 28 Aug 2022 10:20:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYAIabuC6%2BXEm8QZDOVMQhA5sj1xoT6IVAdmVU6dRd9R%2F5I5Lh2EL8kjlSEyLePF85JBJzGLBC5Zj2sHCXPvXSWhfx2J8Q2BwlKXbKnyjEf%2B6NWOneiAzDwj9qnBnpVG7hYj%2Fwx5g6Kpdub%2FXL4sW1wMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 08ba7bc18caac1314c694ba40a9b830a
cache-control: public, max-age=86400
cf-ray: 7421447a79a476f9-LHR
cf-bgj: minify

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
102 B 277ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=player.init&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.38b7&ab=0&ta=0&cb=2127230577698620
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 bongdaplus.vn%7Ckib_bongdaplus_desktop Show response
player.gliacloud.com/article/ 4 KB
1 KB 185ms
162ms Fetch
application/json 2606:4700:3038::6815:eb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/article/bongdaplus.vn%7Ckib_bongdaplus_desktop
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e432cde51335ced38a487cfd97e7b3523e0863f3dd3ae0e40990ca620236b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
last-modified: Sun, 28 Aug 2022 18:32:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELrSnLykQajxFVP9Q3fjv9U6Eutzp%2BE4er4U2AvHAFfnDbqKY%2FtbotSDh18QfX1P9YVc4pglDXpLRikxVmDQpkWDABmkN2IkSOvyjuTurDmUSoGGBUYctgaUcGfzoWeJW5hReHq1i5irMIeABpNepNZvmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 0cb2b3dc5c23477f26598ba3e0d99de0
cache-control: public, max-age=900
cf-ray: 7421447aa8a17705-LHR
expires: Mon, 29 Aug 2022 01:01:04 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
562 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.38b7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 23:14:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:03 GMT

GET
H3 200 css
fonts.googleapis.com/ 117 KB
33 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap&subset=chinese-traditional

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.38b7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 00:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:03 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
636 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.38b7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 23:58:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:03 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
367 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.38b7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 00:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 00:46:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 00:46:03 GMT

GET
H2 200 Ureka_Supply_bongdaplus.vn_Masthead_070422.js Show response
bd.urekamedia.com/publishers/code/bongdaplus.vn/ 5 KB
3 KB 43ms
14ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bd.urekamedia.com/publishers/code/bongdaplus.vn/Ureka_Supply_bongdaplus.vn_Masthead_070422.js
Requested by: Host: adi.admicro.vn
URL: https://adi.admicro.vn/adt/banners/nam2015/3043/postscribe/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b41055a1b6d07daf22d024960f80063cac8c8486635f79cdbbb3d1060da3e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144245
cf-polished: origSize=5956
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 23 May 2022 03:12:56 GMT
server: cloudflare
etag: W/"628afbb8-1744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vnqdv65LiUhwet1yYq5zKSDinAJ76fIk3vcq5%2BUS8y9WJuyznYd3kp3doK9NMNhktsv16hrop2EY4zkAOeyo8ur67Bo7PLRl8d0pI6SA5DeOZ1AtPoWsFWT9e8TGSDx6NDVBim%2B3daOjiRAb00pyuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Mon, 29 Aug 2022 08:41:58 GMT
cache-control: max-age=172800
access-control-allow-credentials: true
cf-ray: 7421447aea799bda-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: minify

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bongdaplus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 17:46:43 GMT
x-content-type-options: nosniff
age: 457160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 17:46:43 GMT

GET
H2 200 asyncspc.php Show response
delivery.lavamedia.vn/www/delivery/ 952 B
975 B 293ms
293ms XHR
application/json 123.30.139.73
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.lavamedia.vn/www/delivery/asyncspc.php?zones=1950&prefix=revive-0-&pubname=bongdaplusinimage&loc=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Requested by: Host: delivery.lavamedia.vn
URL: https://delivery.lavamedia.vn/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.73 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: betteabs.net
Software: nginx /
Resource Hash: bae15f95fbc648c43777ae5f02f3fff34e9066d436f977c03848f7fbf623ce7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6233 83 KB
28 KB 17ms
16ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/bongdaplus.vn/Ureka_Supply_bongdaplus.vn_Masthead_070422.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28646
x-xss-protection: 0
server: sffe
etag: "1317 / 446 of 1000 / last-modified: 1661551853"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Aug 2022 00:46:04 GMT

GET
H3 200 pubads_impl_2022082202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6233 384 KB
131 KB 8ms
8ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 19:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133587
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:21:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Aug 2023 19:48:32 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
126 KB 58ms
22ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0234c86de864df424f931fb1ebc399acacbc06030394787e51c2f324aba9f7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128178
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:46:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6233 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bongdaplus.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6233 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bongdaplus.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6233 680 B
427 B 44ms
44ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2518273673511828&correlator=899703610111124&eid=31068501%2C31069104%2C31069189%2C44761478&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fif&iu_parts=3407884%2CUreka_Supply_bongdaplus.vn_Masthead_070422&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1063510270&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dea40787c55c69d63-225cb19e0ace006b%3AT%3D1661733960%3AS%3DALNI_Ma2-t7MnWOjS1c_Rg1UIYlq5cUN9w&cdm=bongdaplus.vn&abxe=1&dt=1661733964147&lmt=1661733964&dlt=1661733964041&idt=88&adxs=485&adys=592&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=s9s3cebhpumk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&top=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&frm=23&vis=1&psz=970x250&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1419012330.1661733957&ga_sid=1661733964&ga_hid=1286602475&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b63ac2b23b1437bea5c260f9f10ef111a261dc2778c65dd9ac59a24ffc51590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 396
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6233 14 KB
11 KB 25ms
25ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ca5f70c65e6cc505ff300e1e1ada082e0f3c9404f9ac1f6e0a4cb51a30717d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11045
x-xss-protection: 0

GET
H2 200 container.html Show response
5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B831 6 KB
3 KB 31ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:04 GMT
expires: Tue, 29 Aug 2023 00:46:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6233 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:04 GMT

GET
H3 200 adScriptBlocking.min.js Show response
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 2 KB
2 KB 28ms
15ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e11196657c7714a0c107d58302d3196943fb9d38779ceccc9bf08ab89b9c3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25842
x-jsd-version: 2.3.72
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19146-FRA, cache-iad-kiad7000080-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-9AHGTYzrrXIv5CVwmfpvKy/D2bY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5pV6mQXCH3CgVYTtA44OTGXnF2kO7U4i8p62WLQGAg%2Bq0jWlC%2B1W7dOqgI86BMjVWy7T7eftBytvwtCFEXdG4pTuhNpJ2bQFLtTkPczlsAy6IRLoe7pQOabhxzKANhuYw1B1OIB5c3NTB337nU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7421447c6cdb5bf1-FRA
access-control-expose-headers: *

GET
H3 200 bongdaplus.vn Show response
player.gliacloud.com/violations/ 344 B
848 B 171ms
171ms Fetch
application/json 2606:4700:3038::6815:eb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/violations/bongdaplus.vn
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0442f84c71871adc31f50fe1c360a4be4203b03e975a40c0f5a77793b8aafa02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
last-modified: Sun, 28 Aug 2022 23:39:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99tFtOVbuWQSttXUWocC28fyISQFVK%2FsJkuhoaz4rQc9klt18Kxstj4Wd4590KUODS%2BmCuFk1VfBMWSHMRdUbrIMYOnnp9qfup87D5gw%2F0PJ1hBJ6XjMNJf5CprsuJmYk0iU9c9IZwGUiw%2BoBiBXFIzXDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: e2a80fd27cc02978507b50fa7d5b30c5
cache-control: public, max-age=900
cf-ray: 7421447c6b357705-LHR
expires: Mon, 29 Aug 2022 01:01:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FBE 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 23:10:44 GMT
expires: Mon, 28 Aug 2023 23:10:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 62F1 783 B
534 B 19ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b27bbc6b538839546fe9c525b1cf88a4ff42986fc4c141fb002e152e67ab7149

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-32um3TscBjbZN3NeVAhmOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-32um3TscBjbZN3NeVAhmOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:04 GMT
expires: Mon, 29 Aug 2022 00:46:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 143ms
142ms Fetch
application/json 45.79.126.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=Bongdaplus&page=bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.126.27 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 45-79-126-27.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Aug 2022 00:46:04 GMT
X-Powered-By: Express
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Length: 45
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FBE 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62F1 0
0 42ms
42ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=2518273673511828&rc=
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2

200

ptag.js Show response
cdn.adbro.me/
Redirect Chain

https://tag.adbro.me/tags/ptag.js
https://cdn.adbro.me/ptag.js

106 KB
31 KB

25ms
17ms

Script
application/x-javascript

2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adbro.me/ptag.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7374
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 14:06:04 GMT
server: cloudflare
etag: W/"06e3734f88ad81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-polished: origSize=137667
cf-ray: 7421447d683d6937-FRA
cf-bgj: minify

Redirect headers

date: Mon, 29 Aug 2022 00:46:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://cdn.adbro.me/ptag.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7421447d48186937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sxftihsw.js Show response
tag.adbro.me/configs/ 1 KB
957 B 41ms
14ms Script
application/javascript 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/sxftihsw.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1232fbed61715db738998bae623cfe431c8de8fe7dbaa6cb676f9310e7702769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 305
cf-polished: origSize=2116
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jun 2022 02:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: e715ca19-601e-009d-2e62-8b44d6000000
cache-control: max-age=7200
x-ms-version: 2009-09-19
cf-ray: 7421447d48196937-FRA
cf-bgj: minify

GET
H2 200 lg.php
delivery.lavamedia.vn/www/delivery/ 43 B
317 B 290ms
290ms Image
image/gif 123.30.139.73
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.lavamedia.vn/www/delivery/lg.php?bannerid=1476&campaignid=15&zoneid=1962&loc=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&cb=112956a4a0
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.73 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: betteabs.net
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:04 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FBE 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FL04wQ
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK x9u8j.js Show response
geo.dailymotion.com/libs/player/ 27 KB
12 KB 120ms
42ms Script
application/javascript 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.38b7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

d741850cf4fa08cabc8fc8d73a1b099408e4f85e014cd2e08017423ecf9dc1e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Date: Mon, 29 Aug 2022 00:46:04 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Server-Timing: total;dur=22, dc;desc="dc3"
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: X-DM-SSL, Accept-Encoding

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 294ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=player.initVendorStart&pp=300%2C168.75%2C590%2C1968.28125&bp=1600%2C1200&wp=1659%2C7102%2C0%2C0&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.38b7&ab=0&ta=0&cb=3917588652065742
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pes.player-interface.59b5f388.js Show response
static1.dmcdn.net/playerv5/ 4 KB
2 KB 72ms
8ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/pes.player-interface.59b5f388.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 1952d5ea0e20f90e5df467331285ee4f49996d1fdfa1a825b091845dd8e0fecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 404215
server-timing: total;dur=0, dc;desc="dc3"
content-length: 1600
last-modified: Wed, 24 Aug 2022 08:26:08 GMT
server: DMS/1.0.42
etag: "6305e0a0-10f1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 506ce9912dca5554a8eeca5c8eec4cf7
expires: Fri, 23 Sep 2022 08:29:09 GMT

GET
H/1.1 200
OK x9u8j.html Show response
geo.dailymotion.com/player/ Frame F0DC 35 KB
13 KB 69ms
69ms Document
text/html 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

e9c5d540ca15f9e3fe0e7d830e36d306a59481e9cf6f3c9e07be4bdba5732768

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 11976
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Aug 2022 00:46:04 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Server-Timing: total;dur=49, dc;desc="dc3"
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: X-DM-SSL,Accept-Encoding

POST
H2 204 genuuidpc Show response
fgp.philacct.com/ Frame 7358 0
147 B 1343ms
302ms XHR
text/plain 123.30.151.81
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://fgp.philacct.com/genuuidpc
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.81 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Rapidoid /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 29 Aug 2022 00:46:05 GMT
server: Rapidoid
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 453C 0
737 B 8ms
7ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 00:46:04 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 092273e0-a6c7-4e7f-9c00-4262d13b9406
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 watchtower.1b64061d7bfcd4aac9f8.js Show response
static1.dmcdn.net/playerv5/ Frame F0DC 3 KB
2 KB 9ms
7ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/watchtower.1b64061d7bfcd4aac9f8.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 40303a57b593feb48ba9040ed72ee5fcb55fbf38953344c09743114824909926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 1099971
server-timing: total;dur=0, dc;desc="dc3"
content-length: 1515
last-modified: Mon, 15 Aug 2022 04:59:55 GMT
server: DMS/1.0.42
etag: "62f9d2cb-d07"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 82694b085316746244a1534bf4dd9a78
expires: Thu, 15 Sep 2022 07:13:13 GMT

GET
H2 200 dmp.jq_flight.3033f0d7176196134921.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 41 KB
15 KB 9ms
7ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.jq_flight.3033f0d7176196134921.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 138803
server-timing: total;dur=0, dc;desc="dc3"
content-length: 14940
last-modified: Fri, 26 Aug 2022 08:03:34 GMT
server: DMS/1.0.42
etag: "63087e56-a5dc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: c9fb8c5a00a32d1442667d1833a475f8
expires: Mon, 26 Sep 2022 10:12:41 GMT

GET
H2 200 dmp.photon_manifest.4e47fee2938b705e00cd.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 4 KB
2 KB 16ms
14ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.4e47fee2938b705e00cd.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 93e382a900efba61c3e1a03d38c46678b2f55dd5b5cabfe2a38dcd78c5fdd495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 314991
server-timing: total;dur=0, dc;desc="dc3"
content-length: 2013
last-modified: Thu, 25 Aug 2022 09:13:00 GMT
server: DMS/1.0.42
etag: "63073d1c-1130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 628fa4de4eb47863178b37471bac5102
expires: Sat, 24 Sep 2022 09:16:13 GMT

GET
H2 200 dmp.photon_vendor.cb0d857b291806973621.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 334 KB
101 KB 16ms
15ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: f74a32e5a4f6d1cae28c38950b2295074af158c8c1d30af26cd94151cf62ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 905132
server-timing: total;dur=0, dc;desc="dc3"
content-length: 103108
last-modified: Thu, 18 Aug 2022 12:42:45 GMT
server: DMS/1.0.42
etag: "62fe33c5-5371b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 2bf14a3fa1cde22200c38b73115cc444
expires: Sat, 17 Sep 2022 13:20:32 GMT

GET
H2 200 dmp.photon_boot.6813ac14f5a194e0bf7d.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 191 KB
44 KB 9ms
8ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_boot.6813ac14f5a194e0bf7d.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0a208eec77bdae50b63eea030dcc66f21c1f8006c788ba02f46456e06b0286b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 300342
server-timing: total;dur=1, dc;desc="dc3"
content-length: 44823
last-modified: Thu, 25 Aug 2022 13:17:10 GMT
server: DMS/1.0.42
etag: "63077656-2fcbe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 90d5a687a7a24eb29b777fca5b77381a
expires: Sat, 24 Sep 2022 13:20:22 GMT

GET
H2 200 dmp.photon_app.0c2886fe6b059b1e6fab.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 501 KB
139 KB 25ms
24ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.0c2886fe6b059b1e6fab.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 026a7fc483a6a4bfde92dff5b8f52c5cb0a85fe4e561489ba609990316df5eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 314991
server-timing: total;dur=2, dc;desc="dc3"
content-length: 141924
last-modified: Thu, 25 Aug 2022 09:13:00 GMT
server: DMS/1.0.42
etag: "63073d1c-7d57f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 30925b9737d77f5ddd7a42749e5a769d
expires: Sat, 24 Sep 2022 09:16:13 GMT

GET
H2 200 dmp.photon_player.6e5d089b1b8846772eb6.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 89 KB
27 KB 29ms
28ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_player.6e5d089b1b8846772eb6.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0c7d5ab7c7dec2558a13363161574f1662ff6ca2be05ddfb1d73f436fd68caf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 314991
server-timing: total;dur=1, dc;desc="dc3"
content-length: 27552
last-modified: Thu, 25 Aug 2022 09:13:00 GMT
server: DMS/1.0.42
etag: "63073d1c-1654f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: bf98b9b767f3d9c775f93235e03cb301
expires: Sat, 24 Sep 2022 09:16:13 GMT

GET
H2 200 nativeSticky.js Show response
tenmax-static.cacafly.net/ssp/loader/prod/shared/ 2 KB
3 KB 13ms
12ms Script
application/javascript 2606:4700:10::ac43:1755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/loader/prod/shared/nativeSticky.js
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/loader/prod/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642f146b443c8fccec40ebb23d6f55b821b0dfc6c0b05c0923aef88b69a920e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: utf-8
cf-cache-status: HIT
x-azure-ref-originshield: 0ur0EYwAAAABlM8yQu3i2TIlB2N51xcjcRlJBMjMxMDUwNDE3MDE3AGIxMjFlMjFjLTdjMjgtNDA4Yi1iZDBmLTkzY2I0ZTdkZmVkZQ==
content-md5: bOWHUzxt8ireMmD2bWfG/Q==
age: 3024
x-cache: TCP_HIT
x-azure-ref: 0H80EYwAAAABe6/Um+XfBRqMPW+FENwuqQkVSMzBFREdFMDQyMQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
content-length: 2213
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 05:28:03 GMT
server: cloudflare
etag: 0x8DA83FF15F14580
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1e3af6cb-801e-0091-3cd7-b67646000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74214480991e91f3-FRA

GET
H2 200 dmp.locale-en-US.40452cbc96050609aa89.json Show response
static1.dmcdn.net/playerv5/ Frame F0DC 3 KB
1 KB 26ms
7ms XHR
application/json 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.locale-en-US.40452cbc96050609aa89.json
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 1613711bbb10f4c78ada4bf471bce3d1322d1b0f7275786ddb0ada6d20df81b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 316850
server-timing: total;dur=0, dc;desc="dc3"
content-length: 831
last-modified: Thu, 25 Aug 2022 08:41:52 GMT
server: DMS/1.0.42
etag: "630735d0-b2f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: e8f5cd58fa1bf09e499168b1baed3876
expires: Sat, 24 Sep 2022 08:45:14 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame F0DC 15 B
363 B 20ms
19ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration: 0
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Mon, 29 Aug 2022 00:46:05 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

OPTIONS
H/1.1 200
OK /
pebed.dm-event.net/ Frame 0
0 93ms
19ms Preflight 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method: POST
Origin: https://geo.dailymotion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Content-Length: 0
Date: Mon, 29 Aug 2022 00:46:04 GMT
Server: edward-ed/2.2.1

GET
H/1.1 200
OK k3Cf2C0ElSydrLyfsP6 Show response
www.dailymotion.com/player/metadata/video/ Frame F0DC 11 KB
8 KB 223ms
185ms XHR
application/json 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/player/metadata/video/k3Cf2C0ElSydrLyfsP6?embedder=https%3A%2F%2Fbongdaplus.vn%2F&referer=&GK_PV5_PHOTON=1&geo=1&player-id=x9u8j&dmTs=229471&is_native_app=0&dmV1st=BFE642BE86603DC70C7DA257EAFD3C16

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

0bb0cb56b5d63ead37334b63667b6c8ec780abe8cac37d2c806d101144c20ed5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Access-Control-Allow-Methods: GET
Server-Timing: total;dur=168, dc;desc="dc3"
Content-Length: 7133
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Date: Mon, 29 Aug 2022 00:46:04 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://geo.dailymotion.com
Cache-Control: no-cache
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Authorization

GET
H2 200 dmp.vendors~photon_app.be3e4bb5739df6aedd03.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 60 KB
16 KB 11ms
8ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: d02f0eac80179ced49946852170823b5bbdf962effc707f12b1a42ef10618c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
age: 378928
server-timing: total;dur=1, dc;desc="dc3"
content-length: 16257
last-modified: Wed, 24 Aug 2022 13:25:53 GMT
server: DMS/1.0.42
etag: "630626e1-f061"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 2cb74c44993fbafa7780bf2ca88549b7
expires: Fri, 23 Sep 2022 15:30:36 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F0DC 376 KB
125 KB 34ms
17ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0234c86de864df424f931fb1ebc399acacbc06030394787e51c2f324aba9f7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128178
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:46:04 GMT

GET
H2 200 TenMax_sticky.html Show response
tenmax-static.cacafly.net/ssp/loader/prod/asset/demo/ 1 KB
1 KB 132ms
114ms XHR
text/html 2606:4700:10::ac43:1755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/loader/prod/asset/demo/TenMax_sticky.html
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/loader/prod/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fe8722e4b3f295274b5bc20261be61b319954ad768e38920a77e5cddd991ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-azure-ref-originshield: 0yqALYwAAAACqNozZc5OlQLnT4PYOx6E2QU1TMDRFREdFMTkxNQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
content-md5: NMIxa/gUkl8PtusJjVg1tQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 05:28:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-azure-ref: 0TQwMYwAAAACduIHFk6HoQ73BefQRKWFSQlJVMzBFREdFMDQwNgBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
content-type: text/html
access-control-allow-origin: *
x-ms-request-id: 6eb613a1-801e-0012-4f53-bad6eb000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version: 2009-09-19
cf-ray: 74214480de30bbbb-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 22ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f7b7470a6ea2fcf4a541efc8a22bcf4a0a243085664b36fd161ec8b3d5336eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10919
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6233 0
0 45ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=2518273673511828&bg=!dXaldjLNAAYUOm8VNDo7ACkAdvg8WvOiZtKs6Oe37UYY6UjukNJLmkbmiMAAjhdzA8NyQAg4vSpSdAIAAABsUgAAAAFoAQcKALJjlH8oD_NdSywPGWuTuB23xFd_SrVeAY1Nuql5twJR5mRx58rHuB04610GpJBVxSBa8ebv1jssPcjIQtGRZvEPpHBolXNRaY6vz-jzKFhJTo1I8Yg9uFTAIT3lFPtNvUj9V-qgJKIt-bSZV3FfUHl8xdDPGvNmRgM3dDxoWX3IYIXQoavOEdVteUbao_oAwd58e0AGxvkcekaFZLfk6CYT2oiN03Hy5VJlp0RGDhqSTSdUmQLgPIBz6FsRIOvU_RVuBMxvK0TUt14mPRyldPPRY55K_Zrb68cQzhRLmmRHCMTQK1OAntdcgVNzjNMDgTYTk7GBWE6ynOflpJvs7x-bKu4gsDyz9OYQasG9Jb0IdESLIukxyyNjYWs5Ocl47A-8f9n06V_gVi7d_L3jXSDuAQG7JNN9kZUTPYdDTt51ccMud51L5YKkhnYA0n3ARtmCEpu8hs8PyktICqV-P20VVRWsLBumXCZgtpxmywXnMn7MgwsyEF9eZWzYid6mKWmQ1CVvVtcy1nTskysCOVR6bz7mkxAOpuhYsT3ufilQ2-oChTF1PE1_8KLP-59mZP6h6oPNuUi5GPaJBmJXgpV1TeiV5oCYVwIi-GwPocVNkAA55s8sSaA4jfrDCW-99qcxEJac-tlyWO6aCm5kuWIV68UnLF3TkEIWMr1RiZaqEso4uP--vbBd1wGzGeuu4UGCFoqXJ0PIqgsEWh2wi4hx299PYtO9xUnYcRIBXm9IzqgmwNgY89oLtqcMu400IH_7-n8ohmY0bcfCwL85SZL72YQxxz0MBynTJklbPuqLPyRrznvK0XkQBjJUk8Kl5xwmyhUkAh41-uhlGfH-ELExt6XVnpPYMZ1EjvoNzUzR3wQuEZ7hQnKvgMwJjqt4uS-mowbSt_DyKKSLF4H8KuBP_6kqIZt0d4PEeVt0czpw7btjVfELPKNCO1ttUix-kgiGEZYDTb1hQ_t2i1eKK837gZVcX4LBzN8uboLyVnsJ2cCcewsvnK1DIAprCrrIqUgVDhEJU6bI7VAOGHAklqwhrMob0DoxOruoBS4xR89n_mrYuyiHPhdkGw-Tid8ZDTkoO962IHMsCCc9pOJsOH6ljZLpjVi_NeJ38t00XCDXJcnOi02tSbfmaFGn8CFmc9zuMrZEkUYeLSZ8e2UrKG-PmHqUzznrd7APmDBvkAft2E7SitIywNIHA323B3z5XcTIB8kZpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D56D 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 23:10:44 GMT
expires: Mon, 28 Aug 2023 23:10:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F70C 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc403de119d14765db15bcdadc8a2f4be7e32819fc56f976678f3406f196e68c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fa8mrxoabkgNN9o7DqrRgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bongdaplus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-fa8mrxoabkgNN9o7DqrRgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 00:46:05 GMT
expires: Mon, 29 Aug 2022 00:46:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F70C 0
0 41ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082501&jk=1105031247096242&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame D56D 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 17:27:10 GMT

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ 127 KB
38 KB 12ms
12ms Script
application/javascript 2606:4700:10::ac43:1755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/loader/prod/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2bdb38871c75238340b8d25ea4ce6023ff045c1472e4bb47373faf66ffbcf5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
cf-cache-status: HIT
x-azure-ref-originshield: 0aFr8YgAAAABEZ5qh53DQTr9oJrA8Vy6PQU1TMDRFREdFMTkxNQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
content-md5: TzhKCSY4oiuCuPUUAiCMGw==
age: 5301
x-cache: TCP_HIT
x-azure-ref: 06Fr8YgAAAADgwXqb9hEsToYxYTU9lU7aQlJVMzBFREdFMDQxOQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
x-ms-lease-status: unlocked
last-modified: Wed, 17 Aug 2022 03:01:02 GMT
server: cloudflare
etag: 0x8DA7FFCB85962DC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 82dd0946-301e-0088-78e5-b15a2e000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 74214481a9ca91f3-FRA

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/universal/ 3 KB
4 KB 974ms
248ms XHR
application/json 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=b4abfe3067054b76&sessionId=f62c7f00-2733-11ed-b4fe-11b6a6100fc6&referer=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&lang=vi&bodyWidth=1600&bodyHeight=1200&cacheBuster=8561d25c-178c-412e-8814-947bf68c79b9
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 6404801f053e83baddebe03928a5980e241b5a03355e857b2f0fa08a06fd8439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:05 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://bongdaplus.vn
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 3478
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H2 200 vendor-list.json Show response
vendorlist.dmcdn.net/v2/ Frame F0DC 373 KB
50 KB 45ms
8ms XHR
application/json 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: fMJxjI.7Ek9eIqjFgN2f1rCHfWCfXbde
via: 1.1 47140f009c2bd3561cd6dde4003253e2.cloudfront.net (CloudFront)
age: 513001
content-encoding: gzip
content-length: 50343
last-modified: Thu, 18 Aug 2022 16:05:38 GMT
server: AmazonS3
date: Mon, 29 Aug 2022 00:46:05 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-ip-address: 178.79.244.24
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: MCW1N3r5-badnzt8Ym-Knx914UjG1OlnCbe0js7U2hESwZRtuDJ_MQ==
x-llid: 661a005ac5540216a37b156dcd9ac1b0
expires: Tue, 30 Aug 2022 02:16:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F0DC 4 KB
3 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.0c2886fe6b059b1e6fab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 00:46:05 GMT

GET
H/1.1 200
OK latencies.js Show response
speedtest.dailymotion.com/ Frame F0DC 7 KB
2 KB 106ms
17ms Script
application/javascript 188.65.124.91
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://speedtest.dailymotion.com/latencies.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.0c2886fe6b059b1e6fab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.91 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: st.dc3.dailymotion.com
Software: /
Resource Hash: 72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 07:44:45 GMT
Content-Type: application/javascript
Cache-Control: max-age=21600, public
Accept-Ranges: bytes
Content-Length: 2041
Expires: Mon, 29 Aug 2022 06:46:05 GMT

GET
H2 200 Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/photon/fonts/ Frame F0DC 36 KB
37 KB 8ms
7ms Font
application/octet-stream 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
last-modified: Wed, 24 Aug 2022 13:25:53 GMT
server: DMS/1.0.42
age: 378893
etag: "630626e1-9118"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=0, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 37144
x-llid: dd7ce7a30dc97a842d3903f4fdeeddc0
expires: Fri, 23 Sep 2022 15:31:12 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 586D 376 KB
125 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.0c2886fe6b059b1e6fab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0234c86de864df424f931fb1ebc399acacbc06030394787e51c2f324aba9f7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128178
x-xss-protection: 0
expires: Mon, 29 Aug 2022 00:46:05 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D56D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xtlUZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame F0DC 15 B
363 B 19ms
19ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration: 0
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Mon, 29 Aug 2022 00:46:05 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

OPTIONS
H/1.1 200
OK /
pebed.dm-event.net/ Frame 0
0 19ms
19ms Preflight 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method: POST
Origin: https://geo.dailymotion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Content-Length: 0
Date: Mon, 29 Aug 2022 00:46:05 GMT
Server: edward-ed/2.2.1

GET
H3 200 bridge3.527.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2DE4 636 KB
206 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148022fcf56320601c688ec8f63c2c2edf5479551f6ff2a917caed119acaba0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geo.dailymotion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210466
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:44:04 GMT
expires: Fri, 25 Aug 2023 00:44:04 GMT
last-modified: Tue, 23 Aug 2022 20:33:46 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 586D 44 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 00:46:05 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/104/ Frame F0DC 52 KB
15 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/104/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 03:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15107
x-xss-protection: 0
last-modified: Mon, 30 May 2022 15:03:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 29 Aug 2022 03:59:49 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=player.vendorCreated&pp=300%2C168.75%2C590%2C1968.28125&bp=1600%2C1200&wp=1659%2C7102%2C0%2C0&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.38b7&ab=0&ta=0&cb=329892791885080.25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 dmp.dynamic_quality_switcher.caf761b08ea0ed97ef35.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 22 KB
7 KB 9ms
7ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.dynamic_quality_switcher.caf761b08ea0ed97ef35.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.4e47fee2938b705e00cd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 5939791999da690733c6ea56413f839646bf3e13dbf91d4e72ff7fe4ff21ceb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
age: 1585810
server-timing: total;dur=0, dc;desc="dc3"
content-length: 7215
last-modified: Wed, 10 Aug 2022 16:10:44 GMT
server: DMS/1.0.42
etag: "62f3d884-57ed"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: d11cff0acded727dab033c12607543d1
expires: Fri, 09 Sep 2022 16:15:55 GMT

GET
H2 200 dmp.vendors~hlsjs_stable.607603975ee410c63a10.js Show response
static1.dmcdn.net/playerv5/photon/ Frame F0DC 189 KB
54 KB 10ms
8ms Script
application/x-javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.4e47fee2938b705e00cd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
age: 2237930
server-timing: total;dur=0, dc;desc="dc3"
content-length: 54717
last-modified: Tue, 02 Aug 2022 15:22:36 GMT
server: DMS/1.0.42
etag: "62e9413c-2f204"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 2a1af438db9f33492e57ac16188dc5de
expires: Fri, 02 Sep 2022 03:07:15 GMT

GET
H2 204 x8db2pk.m3u8 Show response
dmxleo.dailymotion.com/cdn/manifest/video/ Frame F0DC 0
275 B 77ms
19ms Script
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://dmxleo.dailymotion.com/cdn/manifest/video/x8db2pk.m3u8?auth=1661906765-2688-cm3f0f0k-c8edecea613d10fbcc74cdd465c7804fci-MalLilva2E9lamA_ghTww42edzhTkv4h4iXrsuXdZ0JJb75Wb7iNiHgtvzilYyozeIzm0Vndj0M7svXBz6ydVp3CDYRxqsj9jGiRWxWQm-81_JgsS7qhI5Djr5Qo_lQTHJ4TozVEZm66D89-4naSEOBkbc7vRrJI9Ajd_sEMj-rTNiVnkILjM-zZo0gZkVColzhHJlWXnq9XLIhKRsqL4A537CLtSQs-EX5hP4rHVR2j6zQh8D4-TbaMZFbgVkEJGjX2KFis3Y1tiJuLFPd1XE6cLIFPceNrXvMtpPNlur6iUCaGjbFxnpYw5Yv6FAnsGKsiAXA5FR3Zj36qsJ64Ld2UXr34HQX8_gZzDUnRtRTh0fdn25qckV4nEmL1WnKJ3kGXI-kj8mHiqLJAa6tDa4DjBP21RZbmo3TW8o-ZEt3uVEnO7pOeJounGB482XKLxVljq3NhRaGkoctaWQDVtNuj8QcAvknCdjWD-yqIttiTiOIKtmCT-x4kn9Me-KTT-EIXi0PvzEEATX7ReohVzycOvcQcLtxzlHa9TERkLpOiO70_8es3-jsbexPQbQsPbc4p8-8cqOVvb8Bm9oFi6NODj2kQlq2W2UOxZc9MeOdnHuZDrV-fMBi7UuAPvTEKLtze_KHSRD7jOgXWEnIuBeaQ1kgw3YugidM12HLthjXGJUG1se5sTxFCLcTOx8M-RvBd2HTfUiLQqXuYXkTp7kETOkyLDjw1IXIvIeFEGZc7EC6knA3sXEHRuveXhIP5iXHzxvUVBDVfoUsGfdnWhhxIiBT0YAAQMztQCS8-vN0Hpzn9TtisnHoOy3s3zTLfAVKjOEYp4xvNKLnbKNOsbLUpyoU2LwIia73VPKF8fFa3GWKwMlfmVUs1Ie-sbK50nVevgwoOdbqWB7wJJHAEAe6vgOWmVuncT_AIZ5M7C1zglwt7OtzLyRVG-XDFAn7oyJgBEdpE7ARuAmYlB4EOFfkRRUb_JwqQxXhOMKZcLD-84_xdB2IutrQfxJUmTjRPfBAAYWOV7iKxQJzq3nM0sPh6dKFGCv49nj9sI2-wY-wwjtFOOeqCfYediwj5uBsVUWzGQDDmK4IW_4RK9QLLJr13UPBmB5Fut70jC8iL2ULvGfzDOcWc2ZIDOY_iGk_jKSyQxksKg0g-qar9M3iY0MDGt3rVYqTVs33YWQTTQP6dbngPVhdojzCsKYBGtlKdiC646exhPC3yY2XsCHf423lpCeaWuIjzWABuID1DNDtYWTwqIDPAufXYwCpf6DXxtWzTs62R6fid9t9pgDDAHOJ_qju0tCm7WsSzwW07SJ5Z1uvb_mg5M1Lm2ht5yNcsu_I9VdMgtZrBFgl6NdpEy1HKT1-y6gJ3v9ARXltY5VD7Da-av7bt--dYSQRXF0wAG53qukViNDKxxtIopMG7XDQVm0SzvNtkZjVI956f1QaxclTIywQvZxQIV_1XHagdpPVNpWxPT3h87HI4mu1_OyQCO9_cnkwH0V0moOUAd6y4NsYFzedSpDVzNPPNoqbzKq-DFl65yDj6goXrHI5yW5ZvNc5tz4ea9FwusxMNFJbyZ6WRhdL8k_sdqMJ0DW1qv5QguFlM_vDyI9Lj1RRXhSS0rqQcdKM0N6V6Lnfp2eIUlLFZNzmwsPBviUo4BujQx0wDthORAnYjxuNAli-mAiWE7ggDD6a07j7wqsZzbrw5aTTy3sdVbjqv_2fB9aPaGwFnUQ4OomtRWfiMmLxyLHEzN82Q0cUo2WJ-c0IjPCbNimtJ8Pma9f1Zb0G0zHZ805Na6Jo4P8iHpxfQzgBn18V6axZmmG4-kNmp1ql9SSFKginJHTPrRr0Wl88vaxQpS8WU7smjO2RZyq-BedLgdU1-ux-tkXqeQEDifqtqqyaO5EzWUu4arga9hWgKRsbIYV8reOaL2Q0VsCpjfC6w7lQ6_nyJk98k5pbfT13Wjq4MMmY5LuzZ7WeYMMvzwG_e-Who7GW8eIxrRTwi43BEgurvvYyNdwo3FsVfufy0juXwHKKwi-x8lWgd6ZxIGvjG5FdcmsgnWQhDYFi7vCdym2TvYevRVntT6zN5qxRWmieYfsGX7IGbE6QcfbMz0oKeBmYQkoawtzPkpQI-n6GxCbUNzuQP9FxLdfAdW4Nwm7Fq1t_j1F2ulq8iO2mQiYFtjPkGxHINrUE5ddc-yi_WFFs11OT3qhInNUd4vYUdQ&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.0c2886fe6b059b1e6fab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-rgpcc
date: Mon, 29 Aug 2022 00:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: https://geo.dailymotion.com/
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
276ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=player.initVendorEnd&pp=300%2C168.75%2C590%2C1968.28125&bp=1600%2C1200&wp=1659%2C7102%2C0%2C0&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.38b7&ab=0&ta=0&cb=483394901288689.56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 278ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=f5ae4e50-2733-11ed-8791-39d38387c415&ea=player.inited&pp=300%2C168.75%2C590%2C1968.28125&bp=1600%2C1200&wp=1659%2C7102%2C0%2C0&pgu=https%253A%252F%252Fbongdaplus.vn%252Fv-league%252Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pgt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sid=glia-kib_bongdaplus_desktop&sk=kib_bongdaplus_desktop&si=kib_bongdaplus_desktop&sa=kib_bongdaplus&pt=DailyMotion&pv=0.3.38b7&ab=0&ta=0&cb=1909931184336166.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/photon/fonts/ Frame F0DC 36 KB
36 KB 8ms
8ms Font
application/octet-stream 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:05 GMT
last-modified: Wed, 24 Aug 2022 13:25:53 GMT
server: DMS/1.0.42
age: 385023
etag: "630626e1-8fcc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=1, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 36812
x-llid: 044fff4a2e0629db7ceba755eda6ead7
expires: Fri, 23 Sep 2022 13:49:02 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 86F0 35 KB
35 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=wd7gSRgWtS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:19:21 GMT
x-content-type-options: nosniff
age: 41204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 13:19:21 GMT

GET
H2 200 dc_oe=ChMI19bLs-nq-QIV-I79Bx0CewspEAAYACDg0-lKQhMIsquvs-nq-QIVKsYRCB3sMw90;stragg=1;&timestamp=1661733965690;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame D652 42 B
107 B 83ms
45ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI19bLs-nq-QIV-I79Bx0CewspEAAYACDg0-lKQhMIsquvs-nq-QIVKsYRCB3sMw90;stragg=1;&timestamp=1661733965690;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame 67ED 29 KB
29 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=TRmbYZI7qA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 07:06:11 GMT
x-content-type-options: nosniff
age: 63594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:03:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 07:06:11 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 5ED0 35 KB
35 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5976478001652688715/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5976478001652688715/index.html?e=69&leftOffset=0&topOffset=0&c=6jueUSBsAc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:19:21 GMT
x-content-type-options: nosniff
age: 41204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Aug 2022 13:19:21 GMT

GET
H2 200 dc_oe=ChMIkuXLs-nq-QIVQN0RCB0NdQY0EAAYACCQvfdKQhMItKuvs-nq-QIVKsYRCB3sMw90;stragg=1;&timestamp=1661733965725;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 387C 42 B
494 B 47ms
44ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkuXLs-nq-QIVQN0RCB0NdQY0EAAYACCQvfdKQhMItKuvs-nq-QIVKsYRCB3sMw90;stragg=1;&timestamp=1661733965725;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIwdzLs-nq-QIVPYv9Bx2AnwMxEAAYACDg0-lKQhMIs6uvs-nq-QIVKsYRCB3sMw90;stragg=1;&timestamp=1661733965726;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame DB4C 42 B
107 B 48ms
46ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwdzLs-nq-QIVPYv9Bx2AnwMxEAAYACDg0-lKQhMIs6uvs-nq-QIVKsYRCB3sMw90;stragg=1;&timestamp=1661733965726;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082501&jk=1105031247096242&bg=!QEOlQwfNAAYUOm8VNDo7ACkAdvg8WnOI6NEPwP7XWVUwa6Hu8p-Z3LNolbWw6FpOU1n0VFv9p3kMBAIAAADOUgAAAAJoAQeZAuFuJGkzD-krK180HWnv6UC9ymCkwKg-k3clvhJbrh7JtzC499DE_IhsUc8pIKDZbgToc1W-pzRUtkZwivFuA4Nv_m1-CytOLsZpDo2fbGWUiaagJOgO3f6IqhL85zHWA2VWqV30YPi20e6qhnj-aC5sgjeF9zsAkW5N4-f7lerM2qh0Y8IjqMSNns18Gm0TPSDD13t_Iy8yTP_AWayEjdk5uXH9d_e9Q5f4nO3m34ljJs3br1MgIEv84AMAEdZ3zfgYGtDwgk9pcQq0BOAYmIWM3Nus4FclKS8rlr_KXa8IUoKqeduXzMehUG9UUTWEHm6PMgOU_PyicEX43aO2hImas6En5FQkzLLfg-bikLxULccJg7EOl9GkTGq43WjK67Ybe7BauTr20r75ukU0xAQqOP_2jJCWHCNCEwDP-m35e7xSBLThKMqkA-DQpqEErAGgZ_otu92hCfb9XQNhXQLTYo4UsVKDCgI5AAt0aVXkd3hx_UMRP1jxmbBukEpSEp2QhPX6uBetba89oc1FtoyE1_hlmswGR_tOr5nfnsoVEJIFoWKYYfc6g2ABsbH_Y7sBkeODvPYjUvIgiJd0_kmWJyTsXmjktaG9vZsG_cQIfyzG_wBql3wG02Qq7mqyHWlsYPUqcbNOYVNOFC1j9Jno2uYN3R3xQhODMgE214GLMFEiflSsCJjhg-BVB9960mMO2uvRDQQ8M1CeyPDqGSLtoYXgboGYKaOV0SRRyjQCiJ3Xqwot-OGnVGDNxXkgjtGIQsjDg77KwZjNBaXgJspYxn8zD_yZxiuA4kct3eBndWNcxtPjF8lj1gZ7fZeL9J5hxoHiJNVHSYk3H6SJQFepcHX_7ZXVJC-k2SO8_xpulbXDdX0JgrvH60oRj4vYCUWnog0me91SmxQHr0y8MkT4IaAb_TpuTsNyYD5Z81NV2wJSMZsR6z61uwhSGYoXv1Lowlu4ZxJUcv3MDyogQmGNpQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H/1.1 200
OK domainMapping.js Show response
tenmaxsgads.blob.core.windows.net/template-v2/ Frame 62F6 2 KB
2 KB 662ms
163ms Script
application/javascript 52.163.176.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmaxsgads.blob.core.windows.net/template-v2/domainMapping.js
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.163.176.16 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1298e48bb5667a9bc01b4d4aa8a3751c3649bcfd0ee520c22b273d96236f253e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:06 GMT
Last-Modified: Thu, 25 Aug 2022 06:47:03 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: lcpcjqBQ5dzjaHialIJevA==
ETag: 0x8DA86659E384DBC
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 11dcbfd9-001e-0063-2740-bb78b3000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, no-cache, no-store, must-revalidate, max-age=0
x-ms-version: 2009-09-19
Content-Length: 1681

GET
H/1.1 200
OK 22564_c07b78cc72f5_v3.js Show response
tenmaxsgads.blob.core.windows.net/holder/ Frame 62F6 2 KB
2 KB 663ms
162ms Script
application/javascript 52.163.176.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmaxsgads.blob.core.windows.net/holder/22564_c07b78cc72f5_v3.js?cb=1659421986356
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.163.176.16 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f92b7531b8be84f8ec216e97e26fd036c0105677a86708d2f1770201541dee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:06 GMT
Last-Modified: Tue, 02 Aug 2022 06:33:05 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: KmSylg3++Zjad+uVkwQJHA==
ETag: 0x8DA7450DB4D8DA5
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
x-ms-request-id: f5014e02-001e-008d-3740-bb7230000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, no-cache, no-store, must-revalidate, max-age=0
x-ms-version: 2009-09-19
Content-Length: 1782

GET
H/1.1 200
OK ppstudio.js Show response
ads-cdn.tenmax.io/code/ Frame 62F6 228 KB
84 KB 3545ms
243ms Script
application/javascript 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: c63d04eaeb5e778371fa6382a0bd5496a80b82bef25302e79151489a31e29e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:09 GMT
Content-Encoding: gzip
Content-MD5: ogjU1sOPUbl4tyM9zM+M5Q==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
Connection: keep-alive
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:43:48 GMT
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: 358b8fc8-401e-002b-0189-ba4a2e000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=600
x-ms-version: 2009-09-19

GET
H/1.1 204 xlKZiIDdXq3Nvg
rtb.tenmax.io/bid/asiamax/impreWithPrice/1661733965931/f701f771-2733-11ed-b4fe-11b6a6100fc6/41476/49744/null/ Frame 62F6 0
193 B 899ms
162ms Image
text/plain 104.215.146.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.tenmax.io/bid/asiamax/impreWithPrice/1661733965931/f701f771-2733-11ed-b4fe-11b6a6100fc6/41476/49744/null/xlKZiIDdXq3Nvg?optInfo=xlKYg0Z-sqx1Wg&bidPriceInfo=xlKZiIDdXq3Nvg
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.215.146.81 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:06 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: Tenmax Bidding Agent:prod-worker-sg:8080
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content pixel
ssp.tenmax.io/auction/winner/tracking/ 0
206 B 242ms
242ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/auction/winner/tracking/pixel?bid=f701f771-2733-11ed-b4fe-11b6a6100fc6&sid=b4abfe3067054b76&iid=0&dspid=db0efe1b-8522-45f8-a460-86bf42e3e3b8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:06 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content impression
ssp.tenmax.io/supply/tracking/ 0
206 B 484ms
242ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/impression?bid=f62c7f00-2733-11ed-b4fe-11b6a6100fc6&chid=f808230d6bc544f0&sid=b4abfe3067054b76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:06 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 tl
lg1.logging.admicro.vn/ 38 B
38 B 288ms
288ms Image
text/plain 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/tl?dt=1&ii=h1-721972208,h1-3751312208,h1-3752132208,h1-3752162208,h1-3751762208,h1-3752162208,h1-721992208,h1-3751152208,h1-721962208,h1-3752182208&d=bongdaplus.vn&p=%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&lsn=1661733961229&ce=1&lc=115&cr=1661733961&ui=2617339611365181740&dg=b7ba1c1e4c54b4a41c44986e6dd206e7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:06 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 38
content-type: text/plain

GET
H2 200 / Show response
apis.adbro.me/api/v2/advertising/slot/e241c81b-7ad5-46f7-a764-b4d226656c5a/advertisement/ 13 B
449 B 182ms
174ms XHR
application/json 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.adbro.me/api/v2/advertising/slot/e241c81b-7ad5-46f7-a764-b4d226656c5a/advertisement/?pageUrl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&pageTitle=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&imageUrl=https%3A%2F%2Fcdn.bongdaplus.vn%2FAssets%2FMedia%2F2022%2F08%2F29%2F26%2FVIETTEL.jpg&imageSize=480x270&r=5nsth
Requested by: Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-adbro-uid: b5e8c7d5-b034-43d9-8499-656c7caf55d8
date: Mon, 29 Aug 2022 00:46:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adbro-page: 8685436718744893401
x-adbro-ip: KgEEoAArAAAAAAAAAAAACA==
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: https://bongdaplus.vn
access-control-expose-headers: X-ADBRO-uid,X-ADBRO-ip,X-ADBRO-page,X-ADBRO-assessor,X-ADBRO-preview
access-control-allow-credentials: true
cf-ray: 742144998f956937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 VIETTEL.jpg
cdn.bongdaplus.vn/Assets/Media/2022/08/29/26/ 28 KB
28 KB 297ms
297ms Image
image/jpeg 103.151.240.2
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bongdaplus.vn/Assets/Media/2022/08/29/26/VIETTEL.jpg
Requested by: Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.2 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33121a190fe341b5d3cca5eca2ee110ff13db5022f49cdb95396e55a8b50db61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:08 GMT
last-modified: Sun, 28 Aug 2022 23:47:08 GMT
server: Microsoft-IIS/10.0
age: 2058
x-powered-by: ASP.NET
etag: "c493c7c38bbd81:0"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 28636

GET
H/1.1 204
No Content viewable
ssp.tenmax.io/auction/winner/tracking/ 0
206 B 243ms
243ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/auction/winner/tracking/viewable?bid=f701f771-2733-11ed-b4fe-11b6a6100fc6&noAd=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:09 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204 null
rtb.tenmax.io/bid/asiamax/viewable/1661733965931/f701f771-2733-11ed-b4fe-11b6a6100fc6/41476/49744/ 0
193 B 162ms
162ms Image
text/plain 104.215.146.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.tenmax.io/bid/asiamax/viewable/1661733965931/f701f771-2733-11ed-b4fe-11b6a6100fc6/41476/49744/null?optInfo=xlKYg0Z-sqx1Wg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.215.146.81 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:09 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: Tenmax Bidding Agent:prod-worker-sg:8080
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content viewable
ssp.tenmax.io/supply/tracking/ 0
206 B 241ms
241ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/viewable?bid=f62c7f00-2733-11ed-b4fe-11b6a6100fc6&chid=f808230d6bc544f0&sid=b4abfe3067054b76&noAd=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 00:46:09 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1119592781&t=pageview&_s=1&dl=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&dp=%2F8685436718744893401&ul=en-us&de=UTF-8&dt=Viettel%20%26%20B%C3%ACnh%20%C4%90%E1%BB%8Bnh%20c%C3%B9ng%20th%E1%BA%AFng%3A%20Nh%C3%A0%20gi%C3%A0u%20v%C6%B0%E1%BB%A3t%20kh%C3%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=2031619529&gjid=1089323221&cid=1419012330.1661733957&tid=UA-127545387-2&_gid=818252612.1661733957&_r=1&_slc=1&cd1=KgEEoAArAAAAAAAAAAAACA%3D%3D&z=423599298

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bongdaplus_KIB_native_inImage.js Show response
pub.lavamedia.vn/sites/bongdaplus_KIB/ 942 B
621 B 282ms
281ms Script
application/javascript 123.30.139.122
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.lavamedia.vn/sites/bongdaplus_KIB/bongdaplus_KIB_native_inImage.js
Requested by: Host: tag.adbro.me
URL: https://tag.adbro.me/configs/sxftihsw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.139.122 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 2b1da890affa3e6c19964b2374c65b931e322504d2e9c0777d5fb3ac29b68090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:09 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 23:52:06 GMT
server: nginx
etag: W/"62ba42a6-3ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-127545387-2&cid=1419012330.1661733957&jid=2031619529&gjid=1089323221&_gid=818252612.1661733957&_u=aEDAAUABAAAAAC~&z=998466308

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bongdaplus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Aug 2022 00:46:09 GMT
content-type: text/plain
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asyncjs.php Show response
delivery.lavamedia.vn/www/delivery/ 4 KB
2 KB 289ms
289ms Script
text/javascript 123.30.139.73
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.lavamedia.vn/www/delivery/asyncjs.php
Requested by: Host: pub.lavamedia.vn
URL: https://pub.lavamedia.vn/sites/bongdaplus_KIB/bongdaplus_KIB_native_inImage.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.73 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: betteabs.net
Software: nginx /
Resource Hash: 5865a4baadddae629b47e608ee23e84e913529a966d0951026cf68e038f01a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:09 GMT
content-encoding: gzip
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Mon, 29 Aug 2022 01:46:09 GMT

GET
H2 200 asyncspc.php Show response
delivery.lavamedia.vn/www/delivery/ 952 B
976 B 297ms
297ms XHR
application/json 123.30.139.73
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.lavamedia.vn/www/delivery/asyncspc.php?zones=%7C1950&prefix=revive-0-&pubname=hoidapvietjackinimage&loc=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Requested by: Host: delivery.lavamedia.vn
URL: https://delivery.lavamedia.vn/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.73 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: betteabs.net
Software: nginx /
Resource Hash: 078a7ebda82cd6ffb00b71692e8e5290de0d16927f6380ec70f05684acbbf0bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bongdaplus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
expires: 0

GET
H/1.1 200
OK ppstudio.js Show response
ads-cdn.tenmax.io/code/ 228 KB
84 KB 243ms
242ms Script
application/javascript 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: c63d04eaeb5e778371fa6382a0bd5496a80b82bef25302e79151489a31e29e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:10 GMT
Content-Encoding: gzip
Content-MD5: ogjU1sOPUbl4tyM9zM+M5Q==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
Connection: keep-alive
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:43:48 GMT
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: 358b8fc8-401e-002b-0189-ba4a2e000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=600
x-ms-version: 2009-09-19

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame F0DC 15 B
363 B 20ms
19ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration: 0
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Mon, 29 Aug 2022 00:46:10 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

OPTIONS
H/1.1 200
OK /
pebed.dm-event.net/ Frame 0
0 19ms
18ms Preflight 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method: POST
Origin: https://geo.dailymotion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Content-Length: 0
Date: Mon, 29 Aug 2022 00:46:10 GMT
Server: edward-ed/2.2.1

GET
H3

200

ptag.js Show response
cdn.adbro.me/
Redirect Chain

https://tag.adbro.me/tags/ptag.js
https://cdn.adbro.me/ptag.js

106 KB
32 KB

16ms
16ms

Script
application/x-javascript

2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adbro.me/ptag.js
Protocol: H3
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7380
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 14:06:04 GMT
server: cloudflare
etag: W/"06e3734f88ad81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-polished: origSize=137667
cf-ray: 742144a29e749a00-FRA
cf-bgj: minify

Redirect headers

date: Mon, 29 Aug 2022 00:46:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://cdn.adbro.me/ptag.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 742144a28e669a00-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sxftihsw.js Show response
tag.adbro.me/configs/ 1 KB
1 KB 25ms
13ms Script
application/javascript 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/sxftihsw.js
Requested by: Host: bongdaplus.vn
URL: https://bongdaplus.vn/v-league/viettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1232fbed61715db738998bae623cfe431c8de8fe7dbaa6cb676f9310e7702769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Aug 2022 00:46:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 311
cf-polished: origSize=2116
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jun 2022 02:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: e715ca19-601e-009d-2e62-8b44d6000000
cache-control: max-age=7200
x-ms-version: 2009-09-19
cf-ray: 742144a28e659a00-FRA
cf-bgj: minify

GET
H2 200 lg.php
delivery.lavamedia.vn/www/delivery/ 43 B
317 B 290ms
290ms Image
image/gif 123.30.139.73
VNPT-AS-VN Vietna...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.lavamedia.vn/www/delivery/lg.php?bannerid=1476&campaignid=15&zoneid=1962&loc=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&cb=935cd3bd7b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.139.73 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS: betteabs.net
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 00:46:10 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0

GET
H/1.1 200
OK styles.css
ads-cdn.tenmax.io/template-v2/single-element-fixed/ 3 KB
1 KB 239ms
238ms Stylesheet
text/css 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/template-v2/single-element-fixed/styles.css
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 72fde8b70588b988b58d54064a4ca3c092bf262d26f28278314842d994841170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:10 GMT
Content-Encoding: gzip
Content-MD5: g+7pehmq2STO8pLqaQClRg==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:46:04 GMT
Server: nginx
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 9c92fa80-d01e-002e-0eac-babe51000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19

GET
H/1.1 200
OK template.html Show response
ads-cdn.tenmax.io/template-v2/single-element-fixed/ 135 B
798 B 957ms
239ms XHR
text/html 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/template-v2/single-element-fixed/template.html
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 5d0f7ab29686b654c8da7d354b6de499051f8849a747d4eb4f6fed216499053b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:11 GMT
Content-Encoding: gzip
Content-MD5: qvytihUFfW0GRhbRRPJOFQ==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:46:04 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
x-ms-request-id: 4b4a27e5-201e-00d5-0eab-ba764b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19

GET
H/1.1 200
OK main.js Show response
ads-cdn.tenmax.io/template-v2/single-element-fixed/ 6 KB
2 KB 957ms
239ms XHR
application/javascript 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/template-v2/single-element-fixed/main.js
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 022b0aa122e8e8262d11edb96a3697887c470c73534d28686277a608f45de521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:11 GMT
Content-Encoding: gzip
Content-MD5: 526D36J0A/rC2naouPoy7g==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:46:04 GMT
Server: nginx
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 998e5d85-001e-0068-38ab-ba60c7000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19

GET
H/1.1 200
OK tuoitre.js Show response
ads-cdn.tenmax.io/template-v2/custom-script/ 5 KB
2 KB 963ms
241ms XHR
application/javascript 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/template-v2/custom-script/tuoitre.js
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: d15414e3d12080fa59d0fad5f7bc47c71e7d49fcaf998f13ae2f3858cccf4962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:11 GMT
Content-Encoding: gzip
Content-MD5: 3syfHPXwkRLF5Ey8NO6jEQ==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:46:32 GMT
Server: nginx
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: c055ad46-201e-007f-73aa-baa0a4000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19

GET
H2 204 impre
ads.tenmax.io/track/f9d032a1-2733-11ed-8226-e5ae2bd4d6b8/ 0
237 B 683ms
164ms Image
text/plain 23.98.75.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.tenmax.io/track/f9d032a1-2733-11ed-8226-e5ae2bd4d6b8/impre?crid=22564&v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.98.75.180 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:46:11 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx/1.14.2
x-application-context: ads-track:prod:8080
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK 22564-content.jpg
ads-cdn.tenmax.io/creative/2022/08/02/ 58 KB
59 KB 241ms
241ms Image
image/jpeg 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-cdn.tenmax.io/creative/2022/08/02/22564-content.jpg?cb=1659412132763
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 6df910fcd643cbd56107145f5d9111812cc5a395aebffac18fffa0e687bb2501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:10 GMT
Content-MD5: zLDcANXEL/KE+VjxU/fmhw==
X-Cache-Status: HIT
Server-Timing: cdn;desc=funP;dur=0.000
Content-Length: 59299
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Aug 2022 03:48:52 GMT
Server: nginx
ETag: 0x8DA7439EACCDEE1
Content-Type: image/jpeg;charset=UTF-8
Access-Control-Allow-Origin: *
x-ms-request-id: abc686c8-901e-00c7-3aa4-ba4257000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19
Accept-Ranges: bytes

GET
H/1.1 200
OK CloseButtonIcon.svg
ads-cdn.tenmax.io/template/common/ 964 B
1 KB 241ms
240ms Image
image/svg+xml 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-cdn.tenmax.io/template/common/CloseButtonIcon.svg
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/template-v2/single-element-fixed/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: 064d495188fca0dcc4871eceb6b60d3ba947dee7ea96f44a66b34c0532484e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-cdn.tenmax.io/template-v2/single-element-fixed/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:11 GMT
Content-Encoding: gzip
Content-MD5: XDOFQe99C4jumcw58zAJqQ==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Oct 2018 09:42:20 GMT
Server: nginx
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: f3da521d-a01e-008b-1d85-ba8548000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19

GET
H/1.1 200
OK logo.css
ads-cdn.tenmax.io/code/ 1 KB
1 KB 238ms
238ms Stylesheet
text/css 211.22.126.82
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-cdn.tenmax.io/code/logo.css
Requested by: Host: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/code/ppstudio.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.22.126.82 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-22-126-82.hinet-ip.hinet.net
Software: nginx /
Resource Hash: d46a3ffab4d7121079278f925cb1b39180f62a0c305b065bec8e0305f5b2e4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bongdaplus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 29 Aug 2022 00:46:11 GMT
Content-Encoding: gzip
Content-MD5: +Y06FC/q6sB9JY006iSweQ==
X-Cache-Status: HIT
Transfer-Encoding: chunked
Server-Timing: cdn;desc=funP;dur=0.000
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Aug 2022 06:45:05 GMT
Server: nginx
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 49bad86e-b01e-00f2-5baa-baec02000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Connection: keep-alive
x-ms-version: 2009-09-19

GET small.png
ads-cdn.tenmax.io/logo/tenmax/ 0
0

GET dc_oe=ChMI19bLs-nq-QIV-I79Bx0CewspEAAYACDg0-lKQhMIsquvs-nq-QIVKsYRCB3sMw90;met=1;&timestamp=1661733972001;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D652 0
0

GET dc_oe=ChMIkuXLs-nq-QIVQN0RCB0NdQY0EAAYACCQvfdKQhMItKuvs-nq-QIVKsYRCB3sMw90;met=1;&timestamp=1661733972002;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 387C 0
0

GET dc_oe=ChMIwdzLs-nq-QIVPYv9Bx2AnwMxEAAYACDg0-lKQhMIs6uvs-nq-QIVKsYRCB3sMw90;met=1;&timestamp=1661733972016;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DB4C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.novanet.vn
URL: https://ads.novanet.vn/Ad?ssl=true&v=1661733961923&ssl=true&zone=10484&url=https%3A%2F%2Fbongdaplus%2Evn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208%2Ehtml&host=bongdaplus%2Evn&ref=&hl=2&br=3&brver=104&osname=1&osver=0&width=300&height=250&time=923&h5e=true&nnc=null&cenable=true&newnnc=false

Domain: ads-cdn.tenmax.io
URL: https://ads-cdn.tenmax.io/logo/tenmax/small.png

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI19bLs-nq-QIV-I79Bx0CewspEAAYACDg0-lKQhMIsquvs-nq-QIVKsYRCB3sMw90;met=1;&timestamp=1661733972001;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkuXLs-nq-QIVQN0RCB0NdQY0EAAYACCQvfdKQhMItKuvs-nq-QIVKsYRCB3sMw90;met=1;&timestamp=1661733972002;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwdzLs-nq-QIVPYv9Bx2AnwMxEAAYACDg0-lKQhMIs6uvs-nq-QIVKsYRCB3sMw90;met=1;&timestamp=1661733972016;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Verdicts & Comments Add Verdict or Comment

837 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bongdaplus.vn/v-league	1970-01-20 14:21:09	Name: _a3rd1488784986 Value: 0-9
.bongdaplus.vn/	1970-01-20 05:37:00	Name: _gid Value: GA1.2.818252612.1661733957
.bongdaplus.vn/	1970-01-20 05:35:34	Name: _gat_gtag_UA_20374657_1 Value: 1
bongdaplus.vn/	1970-01-20 05:35:35	Name: BongdaplusView_375216_0 Value: 1
.mgid.com/	1970-01-20 05:35:35	Name: __cf_bm Value: aA7mLaHNRsZT.1Y605eybd0_b2m8OdhjzvOCDjP4RYw-1661733958-0-AfqCBZRUPdbPJDi2IvNqnzoDjwOL73LBQjJmHazZ+ozfy8NHybqgHW1p8q9ciqJVbggEM4Dezxz71LIa9KSDE90=
bongdaplus.vn/	1970-01-20 05:35:35	Name: IRcookieTime Value: {"stopclick1":"1s","stopclick2":"1s","stopclick3":"3s","stopclick4":"4s","blockipclick2":"1s","blockipclick3":"2s","blockipclick5":"9s","blockipclick7":"1m","blockipclick9":"2m","blockipclick10":"5m","cookiesinterval":"30m","blockcookies":"720m","viewport":"true","cookiescheck":"true","blacklistip":"3m","stopadsclick":"0","adsrefresh":"true","adsrefreshtime":"40"}
bongdaplus.vn/	1970-01-20 05:36:17	Name: incRevIpCheck Value: 2a01:4a0:2b::8
.bongdaplus.vn/	1970-01-20 15:11:33	Name: _ga_P2DCN3SNWK Value: GS1.1.1661733959.1.0.1661733959.0.0.0
bongdaplus.vn/	1970-01-20 06:18:45	Name: _ubpbjs_userid_consent_data Value: 3524755945110770
bongdaplus.vn/	1970-01-20 07:45:09	Name: id5id.1st Value: %7B%22created_at%22%3A%222022-08-29T00%3A45%3A59.634607035Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
bongdaplus.vn/	1970-01-20 07:45:09	Name: id5id.1st_last Value: Mon%2C%2029%20Aug%202022%2000%3A45%3A59%20GMT
.bongdaplus.vn/	1970-01-20 15:11:33	Name: _uidcms Value: 1661733959664277231
.gammaplatform.com/	1970-01-20 15:11:33	Name: _aUID Value: 8n7tp79ixfrj
.gammaplatform.com/	1970-01-20 05:38:26	Name: _aGeoIp Value: DE\|Lappersdorf
.gammaplatform.com/	1970-01-20 05:45:38	Name: _aCMP_5 Value: 3
.gammaplatform.com/	1970-01-20 05:37:00	Name: _aCMP_7 Value: 1
.gammaplatform.com/	1970-01-20 05:57:09	Name: _aCMP_31 Value: 2
.gammaplatform.com/	1970-01-20 05:57:09	Name: _aCMP_35 Value: 0
.gammaplatform.com/	1970-01-20 05:57:09	Name: _aCMPD_1 Value: 1
.gammaplatform.com/	1970-01-20 05:45:38	Name: _aCMPD_2 Value: 1
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.bidswitch.net/	1970-01-20 14:21:09	Name: tuuid Value: ae01ed06-a198-4672-80df-01a8109778cc
.bidswitch.net/	1970-01-20 14:21:09	Name: c Value: 1661733960
.bidswitch.net/	1970-01-20 14:21:09	Name: tuuid_lu Value: 1661733960
.betweendigital.com/	1970-01-20 14:21:09	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:21:09	Name: tuuid Value: 642d30f7-1fcb-52f1-8a46-e862e94ae42a
.betweendigital.com/	1970-01-20 14:21:09	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:21:09	Name: ut Value: YwwMSAAFnYAFJtzInd3ijGbM-KpqZHFt0j6fpg==
bongdaplus.vn/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1339465%22%3A%7B%22page%22%3A1%2C%22time%22%3A1661733960656%7D%7D
.ambientdsp.com/	1970-01-20 05:37:00	Name: _aGeoIp Value: DE-Lappersdorf
.ambientdsp.com/	1970-01-20 15:11:33	Name: _aUID Value: wuoznpkz565
bongdaplus.vn/	1970-01-20 06:18:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.doubleclick.net/	1970-01-20 14:57:09	Name: IDE Value: AHWqTUk5M86dZtIcCKuwHotOpeAhm14TSmQ5KWMh93sOggG13PcaqbKoR9dlCmaxYC0
.adnxs.com/	1970-01-20 07:45:09	Name: uuid2 Value: 1276591833648336462
.casalemedia.com/	1970-01-20 14:21:09	Name: CMID Value: YwwMSCZBkDYtJjyTecgg4gAA
.casalemedia.com/	1970-01-20 07:45:09	Name: CMPS Value: 5170
.casalemedia.com/	1970-01-20 07:45:09	Name: CMPRO Value: 5170
.adnxs.com/	1970-01-20 07:45:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Go.Dj)!]tc-8i_iqf!oN/@E'zz<Z0QS+p<Z1W%aNEL0NP)+2IOsq#^k)JXNY4L-LgTD._PlZ[C[-kX-9ahKN
.casalemedia.com/	1970-01-20 07:45:09	Name: CMTS Value: 1120
bongdaplus.vn/	1970-01-20 14:57:09	Name: cto_bidid Value: aOfxjV8xQm1BbkVUMmZKJTJGQ2Q1QVhVbDk0UmFjZUxDaTl5UlBydlVLYnFtSzUzcUozc0NYYlNtb2VyWVZ4aWhBRkhPYkprdGtaRnd0MU5jUVJPWGZ1OUhrY1pRJTNEJTNE
bongdaplus.vn/	1970-01-20 14:57:09	Name: cto_bundle Value: 8z00qV9kbjQwaHlTJTJGT0NaQTdXTTNZU1RCQzdnWVcxWEFUanVVU01Nb09KN0NMOGpIcGxVeUU5ZVR6QWpFdGxiM3VxOGh2QXE2Tk4zMzE3Q3lzWmRXSXNzMEVGQjFDQjMwSVVVd3RXQVRFTU1jakdZdGhJU1clMkZnJTJCSTk2c2ROaFUxM0ZRJTJG
.redintelligence.net/	1970-01-20 07:45:09	Name: 8lcfmzhxc8d6_uid Value: 9ceac840730bf8e1
pb.media01.eu/	1970-01-20 15:11:33	Name: DTU Value: 28EB9F940C2FB4AD22B75CF93C555A86
.retailads.net/	1970-01-20 06:18:45	Name: ppb2172 Value: 1566844598
.logging.admicro.vn/	1970-01-20 15:11:33	Name: __create Value: 1661733961
.logging.admicro.vn/	1970-01-20 15:11:33	Name: __uid Value: 2617339611365181740
.logging.admicro.vn/	1970-01-20 05:35:35	Name: linfo Value: 115_1661733961
.logging.admicro.vn/	1970-01-20 05:35:35	Name: __C Value: 115_1661733961
.logging.admicro.vn/	1970-01-20 05:37:00	Name: uinfo Value: -1
.logging.admicro.vn/	1970-01-20 15:11:33	Name: uuid2 Value: 1661733961776285800-23001014-e22bc58e-6734-4811-bb37-fe559f6ed98f
.logging.admicro.vn/	1970-01-20 05:37:00	Name: __tb Value: 0
.futalis.de/	1970-01-20 07:01:57	Name: raSIDb Value: 1566844598
bongdaplus.vn/	1970-01-20 15:11:33	Name: __RC Value: 115
bongdaplus.vn/	1970-01-20 15:11:33	Name: __R Value: 0
.logging.admicro.vn/	1970-01-20 05:35:34	Name: __OS Value: 10_Windows+10_+_+_14_104.0.5112.101__0
.lg.nanda.vn/	1970-01-20 15:11:33	Name: __uid Value: 3517339635583286192
.lg.nanda.vn/	1970-01-20 15:11:33	Name: __create Value: 1661733963
.amcdn.vn/	1970-01-20 15:11:33	Name: __uid Value: 8561733963347685564
.amcdn.vn/	1970-01-20 15:11:33	Name: __create Value: 1661733963
delivery.lavamedia.vn/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CDE%7CEU%7C1%7CWarburg%7C34414%7C51.4843%7C9.1544%7C200%7CEurope%2FBerlin%7C%7CNW%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
bongdaplus.vn/	1970-01-20 05:35:35	Name: gliaplayer_ssid Value: f5ae4e50-2733-11ed-8791-39d38387c415
.spotxchange.com/	1970-01-20 06:15:53	Name: audience Value: f5bcb253-2733-11ed-9fdc-1365eaaf0206
bongdaplus.vn/	1970-01-20 05:49:57	Name: __uif Value: __uid%3A2617339611365181740%7C__ui%3A-1%7C__create%3A1661733961
bongdaplus.vn/	1970-01-20 15:11:33	Name: __tb Value: 0
.aralego.com/	1970-01-20 14:21:09	Name: gdpr Value: 1
.aralego.com/	1970-01-20 14:21:09	Name: sspid Value: c9bc4410-dda6-3357-bd7c-c62877611261
.bongdaplus.vn/	1970-01-20 14:57:09	Name: __gads Value: ID=ea40787c55c69d63:T=1661733960:S=ALNI_MYEYpNEgav1s5x2e65CyCAPvGtHlg
delivery.lavamedia.vn/	1970-01-20 14:21:09	Name: OAID Value: a7ec99e2273b9440de1a4d91e8f5d7d0
.dailymotion.com/	1969-12-31 23:59:59	Name: dmvk Value: 630c0c4c763ee
.dailymotion.com/	1970-01-20 15:05:48	Name: ts Value: 229471
.dailymotion.com/	1970-01-20 15:05:48	Name: v1st Value: BFE642BE86603DC70C7DA257EAFD3C16
.dailymotion.com/	1970-01-20 15:05:48	Name: usprivacy Value: 1---
.adbro.me/	1970-01-20 14:21:09	Name: uid Value: b5e8c7d5-b034-43d9-8499-656c7caf55d8
.bongdaplus.vn/	1970-01-20 15:11:33	Name: _ga Value: GA1.2.1419012330.1661733957
.bongdaplus.vn/	1970-01-20 05:35:34	Name: _gat_adbroGA Value: 1

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.pubmatic.com/AdServer/js/mshowad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.pubmatic.com/AdServer/js/mshowad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://script.novanet.vn/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bongdaplus.vn/bundles/jquery?v=2svGaZRvs0AaMYTOAHSweCa27ehCpILIM0fY4jeMdDs1 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pub.lavamedia.vn/sites/bongdaplus.vn_Zmedia/bongdaplus.vn_nativeinimage.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.pubmatic.com/AdServer/js/mshowad.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://sshowads.pubmatic.com/AdServer/AdServerServlet?operId=201&rs=2&pubId=161363&siteId=965675&adId=4509732&kadwidth=970&kadheight=250&sec=1&rid=254008038&pageURL=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&ranreq=0.39771948631528087&inIframe=0&screenResolution=1600x1200&adVisibility=2&adPosition=5026.59375x0&timezone=0&kltstamp=2022-8-29%200%3A45%3A58&ms=1&js=1&pmUniAdId=1&kadpageurl=https%3A%2F%2Fbongdaplus.vn%2F&schain=1.0%2C1!pubmatic.com%2C161363%2C1%2C%2C%2C, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.pubmatic.com/AdServer/js/mshowad.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://sshowads.pubmatic.com/AdServer/AdServerServlet?operId=201&rs=2&pubId=161363&siteId=965675&adId=4509732&kadwidth=970&kadheight=250&sec=1&rid=254008038&pageURL=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&ranreq=0.39771948631528087&inIframe=0&screenResolution=1600x1200&adVisibility=2&adPosition=5026.59375x0&timezone=0&kltstamp=2022-8-29%200%3A45%3A58&ms=1&js=1&pmUniAdId=1&kadpageurl=https%3A%2F%2Fbongdaplus.vn%2F&schain=1.0%2C1!pubmatic.com%2C161363%2C1%2C%2C%2C, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.pubmatic.com/AdServer/js/mshowad.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://gamma.cachefly.net/js/ad-exchange.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.pubmatic.com/AdServer/js/mshowad.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://gamma.cachefly.net/js/ad-exchange.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.pubmatic.com/AdServer/js/mshowad.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161363&siteId=965675&adId=4509732&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=0&kltstamp=1661733959&indirectAdId=2720318&adServerOptimizerId=1&ranreq=0.39771948631528087&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=3&svr=ADS23004&adsver=_3013135110&adsabzcid=0&cls=ADS&ekefact=RwwMY61GBAD7y52PUhALQimgCgMasJ3ilUiohF7PoScLcHXF&ekaxefact=RwwMY79GBAAGl2c6WULU9MaaCRQBIaRP7oKUwgqtFX5RpGyp&ekpbmtpfact=RwwMY85GBABR3-AM7SMpPUOZMIzm8wCPPXZMmF-2gPuc2yw6&pfi=1&domId=8447038278070297979&dc=lhr19&crID=0&campaignId=0&isRTB=0&cksum=FE00999AFF59BB4&ver=4&dateHr=2022082900&imprId=79B38E25-1CE6-4DBE-A272-96BFB0C74F76&oid=79B38E25-1CE6-4DBE-A272-96BFB0C74F76&cntryId=58&domain=bongdaplus.vn&sec=1&pmc=0&pAuSt=2&wops=0&sURL=bongdaplus.vn&BrID=5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gamma.cachefly.net/js/ad-exchange.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gamma.cachefly.net/js/ad-exchange.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://media1.admicro.vn/cms/arf-ka3ek337.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tag.gammaplatform.com/adx/request/?wid=1488783994&zid=1488784986&content_page_url=https%3A%2F%2Fbongdaplus.vn%2Fv-league%2Fviettel-binh-dinh-cung-thang-nha-giau-vuot-kho-3752162208.html&urf=&zt=&cb=775805/(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://media1.admicro.vn/cms/arf-ka3ek337.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bongdaplus.vn/img/sg31-games/karatedo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bongdaplus.vn/img/sg31-games/kick-boxing.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bongdaplus.vn/img/sg31-games/muay.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0(Line 38) Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	warning	URL: https://geo.dailymotion.com/player/x9u8j.html?video=k3Cf2C0ElSydrLyfsP6&mute=true&scaleMode=fit&syndication=1140577&GK_PV5_PHOTON=1 Message: The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5a9c3873c33303a4ac7e0ee43d1a44d8.safeframe.googlesyndication.com
5c11f8c8c813d559357605fbfd9a08ce.safeframe.googlesyndication.com
acdn.adnxs.com
ad-server.eu
ad.crwdcntrl.net
ade.googlesyndication.com
adi.admicro.vn
adminplayer.sohatv.vn
ads-cdn.tenmax.io
ads.betweendigital.com
ads.novanet.vn
ads.pubmatic.com
ads.tenmax.io
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
aktrack.pubmatic.com
amcdn.vn
analytics.webgains.io
anymind360.com
api.unibots.in
api.webgains.io
apis.adbro.me
bcp.crwdcntrl.net
bd.urekamedia.com
biddr.brealtime.com
bongdaplus.vn
c.mgid.com
cdn.adbro.me
cdn.aralego.net
cdn.bongdaplus.vn
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.retailads.net
cdn.track.production.webgains.team
cdn.unibots.in
cdn.unibotscdn.com
cm.ambientdsp.com
cm.g.doubleclick.net
cm.gammaplatform.com
cm.mgid.com
connect.facebook.net
delivery.lavamedia.vn
dmxleo.dailymotion.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fgp.philacct.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gamma.cachefly.net
geo.dailymotion.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hal900020.redintelligence.net
hal900025.redintelligence.net
hal900027.redintelligence.net
hal90006.redintelligence.net
hb.aralego.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
increaserev.com
js.aiservice.vn
jsc.mgid.com
lg.nanda.vn
lg1.logging.admicro.vn
match.adsrvr.org
media1.admicro.vn
medialead.de
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pebed.dm-event.net
pixel.gliacloud.com
pixel.yabidos.com
player.gliacloud.com
pre.glotgrx.com
pro.ip-api.com
pub.lavamedia.vn
pub.lavanetwork.net
pv.medialead.de
rec.aiservice.vn
region1.google-analytics.com
rtb.tenmax.io
s-img.mgid.com
s0.2mdn.net
script.novanet.vn
secureads.increaserev.com
securepubads.g.doubleclick.net
servicer.mgid.com
speedtest.dailymotion.com
sshowads.pubmatic.com
ssp.tenmax.io
sspapi.admicro.vn
static.amcdn.vn
static.contineljs.com
static.philacct.com
static1.dmcdn.net
stats.g.doubleclick.net
sync.aralego.com
sync.search.spotxchange.com
sync.teads.tv
tag.adbro.me
tag.gammaplatform.com
tenmax-static.cacafly.net
tenmaxsgads.blob.core.windows.net
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
vendorlist.dmcdn.net
www.cloudflare.com
www.dailymotion.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ade.googlesyndication.com
ads-cdn.tenmax.io
ads.novanet.vn
103.151.240.2
104.16.200.58
104.17.119.107
104.18.19.126
104.19.134.78
104.19.136.78
104.215.146.81
104.96.128.226
123.30.139.122
123.30.139.73
123.30.151.81
123.30.151.88
138.199.37.231
138.201.135.164
138.201.63.164
138.201.84.245
14.225.10.11
14.225.10.21
141.95.98.66
142.250.185.98
142.250.186.34
142.250.74.194
145.239.193.130
151.101.193.108
151.139.242.29
167.233.14.134
171.244.15.69
172.217.18.2
178.250.0.157
178.63.52.121
178.79.242.181
18.138.18.111
184.51.9.34
185.64.190.75
185.94.180.126
188.42.196.115
188.65.124.59
188.65.124.66
188.65.124.90
188.65.124.91
192.96.200.41
198.47.127.19
198.47.127.22
2001:4860:4802:34::36
205.234.175.175
211.21.190.218
211.22.126.82
216.58.212.130
23.205.235.133
23.35.236.201
23.98.75.180
2405:f980::1:10
2405:f980::1:13
2606:4700:10::6816:3456
2606:4700:10::ac43:1755
2606:4700:10::ac43:2682
2606:4700:20::681a:17e
2606:4700:20::681a:467
2606:4700:20::ac43:4a72
2606:4700:3038::6815:eb59
2606:4700::6810:5714
2606:4700::6810:75c3
2606:4700::6810:7c60
2a00:1450:4001:801::2008
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a01:4f8:d0a:2321::2
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::645
2a06:98c1:3121::3
2a0b:4d07:102::1
3.120.3.232
34.251.71.171
34.98.64.218
35.227.207.122
35.71.131.137
37.252.172.250
42.112.37.35
42.117.1.227
45.79.126.27
46.4.10.49
51.77.64.70
52.163.176.16
52.220.229.2
52.30.246.43
52.56.221.73
52.56.49.215
54.255.154.87
54.76.176.197
65.9.66.42
69.173.144.165
78.46.111.106
88.198.250.30
89.187.169.3
94.23.99.218
99.86.4.53
008a492f856df45e774e16d26f6a912594c09cad03768e2923463ed500e85955
00b76f924405015b59c87ce47507959e88f73faff262254f64a3757cbbe42ff8
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
019287946d95dcc710607119492284d7910f93b4d27b4e61cb46f09e91055205
022b0aa122e8e8262d11edb96a3697887c470c73534d28686277a608f45de521
0234c86de864df424f931fb1ebc399acacbc06030394787e51c2f324aba9f7a3
026a7fc483a6a4bfde92dff5b8f52c5cb0a85fe4e561489ba609990316df5eaa
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514
038e08cb8d62ec4242ffa022fdba6152be27483e9564139a8105374fb48d0ab7
0442f84c71871adc31f50fe1c360a4be4203b03e975a40c0f5a77793b8aafa02
044e94ddabc59a5834b4765c291ac1ec385e76c0d2b7da1c856b945a357ae179
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
064d495188fca0dcc4871eceb6b60d3ba947dee7ea96f44a66b34c0532484e22
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
078a7ebda82cd6ffb00b71692e8e5290de0d16927f6380ec70f05684acbbf0bd
07e03fb927a1fe818ff67d26f201942028d3f9fa42264f04258b2fbf745e4b5c
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
09501fbc70b3df5c2f53290a57c61ab50e9517204048f9815ddb1bd1a0501484
0a208eec77bdae50b63eea030dcc66f21c1f8006c788ba02f46456e06b0286b9
0a9b34c99a9885c683a896ae11fd25a87202d2cd690ff18725c62815dae0a20c
0ae3017829c46e14f88353cadea0a8a4396b42d63637c3f8e2f3d0d0b3e79c3d
0b284304decd4ca4db4053be5ee8676a496bd0212a3a341eae024259ddb070f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb0cb56b5d63ead37334b63667b6c8ec780abe8cac37d2c806d101144c20ed5
0c7d5ab7c7dec2558a13363161574f1662ff6ca2be05ddfb1d73f436fd68caf5
0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb
0ca5f70c65e6cc505ff300e1e1ada082e0f3c9404f9ac1f6e0a4cb51a30717d4
0d60e74c119ae8e90c0d9b9937eaa88ab56782bc9acaa597d0e972e872c8bf87
0deb1fcf565517dfc11ad1cd47c3cca89162c046c2ebe174dd3c692e10a5ef6d
0e08a4b2dad935412be84ca5b57aabb165a589bffc3d7eb746450ecfba128822
0e89279483fb861861b57327cdda662db2b12537f759b1200006307c6f7f708d
0f0fb4b01ebe72db6ad4251b31d6849c51c5423ec62042a77923c876b0341d54
10981f8f2382369aa0e2033491f5b532e3e238719185364406e3891ee7339f4e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1145a041a43236c0d117e84adfab62d062938676efefd7288201219fb3c8e680
11a7c0580408c1be76a1af2fe4f05aaaf4635847386885f1340e57e2b56da3fb
1232fbed61715db738998bae623cfe431c8de8fe7dbaa6cb676f9310e7702769
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1298e48bb5667a9bc01b4d4aa8a3751c3649bcfd0ee520c22b273d96236f253e
139423b0348cf17467e5739cf89277d2742bf2ed586d0d323980cfac9f3abc5d
13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889
13c01c355d6b1471efbdcb9b2f0d4e855bf657bf66f0a30a881a2d93b105e75d
148022fcf56320601c688ec8f63c2c2edf5479551f6ff2a917caed119acaba0e
152b60c20455b294efc6aec5478a38b9d21ee458d02fe411b7eb87bc76c3f67e
15696c3b9e96e562441097f54828730fce55e3ceecacc05aee2a7d3e7650f6b3
15ae807677dd96a011e165275f01da048de00640adfa0f134a97e2632917fdfa
1613711bbb10f4c78ada4bf471bce3d1322d1b0f7275786ddb0ada6d20df81b8
18f1aced49f996cd2d6abe2e47aa4b928ac2885eba1658f6b44041b27af1287a
18fd0b51f81d75aec6bffa80211b2aa409afabbd946453e6063f000a2151b17f
1952d5ea0e20f90e5df467331285ee4f49996d1fdfa1a825b091845dd8e0fecd
19bc4b53ced6b52c0de571b8ae0d0b8fb09188ffe9c4251b8f62506b2d812b75
1b41055a1b6d07daf22d024960f80063cac8c8486635f79cdbbb3d1060da3e3c
1c1935591afc24072731b4586f475561e8e977a36dacf5cf7b459a14adfb7b05
1c777efde8537597a0ec5901c95f48843206990d489bcfa35bdefe2e2e49d50a
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661
1ec8f932a53abf5237047528c8d541ce7970c5f187e8e34a3980757240f7cd34
1f931e18adcb0bf3d3762cb95dfe343bfc60d108abf06f1ca86c3889c9882184
204d819ff1a70e015a9c14663beef905e6d60312d3b651510e15beb1be7b783d
21a961491939d0b6f101f6a5f69d1afe54f51abf212a1430c7d92df5b0ad7b61
21d061724eea7ba70207488a7904f094724449cced745b73deacfe2c23b841c8
226da9f48ebc9864e8b739b01e030df91f4719e6848913a53ee56fd0598e6f32
22810d11db9e3b7a8869739cc149f2e0ddd53b0d8d47daf487a36071c935b472
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
242a54d4a8bd00e2f1068568a9d678b6079a32d04deb018459c6897723c402f4
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
261075f38268ed40d6f8f02ea07b25a81975243b44f6a66f54b4af6749beae01
289e8bcac0574f4fc69e3c5d043055675e89bdf2e20197364cae75d63a3ab0f0
2a3da78f51ae44047a04da9343f3c9585bd4f05e171247f2b13f778927e6938f
2a8280fc86d184a0864eb033ea1b563a8f0e238b52d51c3c604c901b9fc7343e
2b00dc2e691d20fa1a7a9d0d2f1c6331fce115ad78ce7b70152cdf5f25466758
2b1da890affa3e6c19964b2374c65b931e322504d2e9c0777d5fb3ac29b68090
2b21a27575a54a68c3c294d2be79283d07127f078d53e694281de9d2e3929124
2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430
2e221305ae28c6a194cbc72d3555dfb5cc4e0a4da5205a0295d004d68bacfca6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7b7470a6ea2fcf4a541efc8a22bcf4a0a243085664b36fd161ec8b3d5336eb
3153c27085802eefb01b348d02b285449539b7b2217dfe15bc38713cc143b166
327ab5ac2c2450c2cc55f53076dc4e427e4318ac9c846f4a192dcbe38e711d56
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33121a190fe341b5d3cca5eca2ee110ff13db5022f49cdb95396e55a8b50db61
34c2783955889deac2aa7c2924c1e0f4acc3e1e7fa7756bdcb2fb71a145fd9a4
351c1d6655444d1cea92df7ec6baebe01a0c03f2c3cb9be76e4ac7a7f61f9a6d
35c97e4cca560f7c02ee0447ec25b97f0a04ceb1271829f9f037222530c0792b
37672244a52270ade85c05501cf9a3d50c2417542537815c61e4bfc73a08be04
37dbd9c8838bf7334757a235906507a14287f9a2a676ca05b557d28939ef6c17
38bbcaec5cb774e2f991f236a69b7952424ae9dec3a6a788b1eda617683974a1
39ee71f05150c53a8511411e4878bf30cfced16c6e0f5a51794fe40ca5886274
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e199b8019a5af588b1c8697ddba67c9caf56cdcfaf27bb992ee0cba2f970dae
3e432cde51335ced38a487cfd97e7b3523e0863f3dd3ae0e40990ca620236b72
3f11ea09f5d7b9464f844fbe86016d22b3f2ea36ceec91993ae01c61e301a723
3f7ec7d03c22fa7ad6aded46122d2ea4c81a4c11f13ac1990a1e40f0703aa147
3f810ee2331d0485b52bcd7ff5ba1c55e32372dd56fe363b9d266aa85a10738e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40303a57b593feb48ba9040ed72ee5fcb55fbf38953344c09743114824909926
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca
440f0166e1519de9d0205385287c352e44d91198b2578bfd7138ce5146e1b1af
44bcd125e1b0a68234a78029da1dd530aaef5313dfff43a5f1d67f473e4ebee0
4519661bd0fd038549723cf4e4c0771a020c37054a0640773c578b71d3940b7a
469988d3c8c01780d601f947a6071de43a286f88cb325bcca9f510e9493ba4bd
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49558eb59906b76fdfdffe1a0fa6fce151a97c5557c2b123356cdd9f9e22e963
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd5260ea90808ac18a3ffde781c62f61e4c398b42d8d26e0a580a07f1db7834
4c67498e61b4fd83b2afc6b79ad322bf5f8a2d75478d29c71953e957f3b2e005
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4d11136fe675c8b5f7c4d9702eb08c13349d3e441c65c6373d07798823dd8a7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f92b7531b8be84f8ec216e97e26fd036c0105677a86708d2f1770201541dee3
5052c040fca127da60adcfc024f12ebaebed1e580475d9477fa22effa488b84d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c3f4f3ef2984e833ae4a6307f53355051d3ba02625259f30dff89305f82991
53397e8cb7876e489ba3d1083644f5b222625c2c680b345d72518e43ab00866c
5350e40136d62c57afd4f1b060be9f53a79f9e7b45890edb22153936e65c31b0
5546d0ff1b85d0f8f104dd5ab27e302e9ed1d4f3639aa1699d4bf5ffcba58cd2
5574bf574baf4cd30f7d688072fe81de2ca3d4ae41a552e95597feae9eb1689d
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b29652aff63528d8418d2d54265fbb0662fc581f2c786a6da062e8daf30103
55bfb9ad47894ed6dfcbf8ca87cfe17eafcdc83263c92ed650c60c641e1cc6a4
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
578c6bc79bd9ecc88572010e207a5096fa2f5c4959c6eb3457f94a35b8cd7962
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5865a4baadddae629b47e608ee23e84e913529a966d0951026cf68e038f01a8b
58da44613a9d090da0f7e9bb34f12438468f119a4a559d857bfd46db0a7da627
592981d629b8f6c7c30f896845758fb14dcf9ae3f19970d6a16659187cb3ae74
5939791999da690733c6ea56413f839646bf3e13dbf91d4e72ff7fe4ff21ceb9
5b03c373534630af1227f80129af67967bf2bf92c714b0f950a0afab0ab9aebb
5b90a610d7d016e93aa26ae47494e12495cb06fc887c2f1208c7d2bdd28a567d
5d0f7ab29686b654c8da7d354b6de499051f8849a747d4eb4f6fed216499053b
5d3935f754364c1fecb1bf02736ae62d2bec6ff5f16134d9c164e7e9ac829a2a
5d8d79b7f6c7888019b2fc878d9cafaa8b32a99d72ac2f33f1cf3d1b693efe38
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60de5b6c89b1798dd63733cef509ea36f0a21475ff8c7ed6d007eb5d7200ec42
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
6404801f053e83baddebe03928a5980e241b5a03355e857b2f0fa08a06fd8439
642f146b443c8fccec40ebb23d6f55b821b0dfc6c0b05c0923aef88b69a920e0
65c270e8fa2f237334bf1931399d784288beab127d120120697dc51cf5276f1a
69c095218a41f63c1fc5a108346fa31503577aa41fc00a9fb99bcd6e942b2ee8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6489a7d04f10c1a0342b15616350774cb7fbe16e98341d13bde9ff539b7c51
6cffceab84a467166c18ba248a9e6ad6dd700294d65f96284dd7ce09c2f76b3d
6d5465f63253cc001e8237f3bc77e74c4a6321fa19e0c9f7f4cf879a7595aebe
6df910fcd643cbd56107145f5d9111812cc5a395aebffac18fffa0e687bb2501
6e469edd8bb85aa15616b181c9b0fffc73c3aebeb63a0f6119201a930f1748c4
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
72fde8b70588b988b58d54064a4ca3c092bf262d26f28278314842d994841170
73c69e61faf618b084ee16f0f85c9f67c916b26f38957a37b3769df366f26008
74f6e07677bbadba0d4f12ca87d592194535646d3bd7be6a687a51a35db94f5e
768677966f6b20ae9277176c55d6142241d084bf03fcf00e38820b415e6b3981
794a517d4fa302a47ad3df8f7566986ee333d2e02ff70a1f265668645574f690
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
7b7159dee0b40d71f0bdb76ede03089892368ac691e0e13bcf96bdfeb2173b24
7bb50942bdac8ffe07d9ea86743f871425484d5f67a31b108d4cf1f79e1fdfee
7c804f59873212b2c2bc80375eb7bfe5574ce4115c35f3fd3ba04484d14a5f8c
7caed03b9ff5f829ff920fccb6142aa4a45944e2bc7b16051060cfce1f36a45c
7dbf3e1e6ab3244c06fb7cf5515e130b38eae37473dce4f8e279c3dcee192275
7dd34ce243727d4e17f47d507e0ab9de119f3be68ac893710ca75f42c21621b6
7e2cce7f73bc3f83060d91ca36fd92c07d5ecab40efa798a00e7526aa1e2e972
7e993eb98db05849910d8e25caa269e19ce18f74f846fc095c4cf3c7553e7c78
8046842cee252ba6b023a341edf49e091df274268bf1e816db3ac2fdccf0f863
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8162705b5bc98010ce7627c806178d6dc12be19d52d42870a342bc501e38d91a
82303473e3c990acccc11d4bbdd6f0d9a5debdeb9d9717074bbab023d5164cbc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c
86fea61899aa8fee9f8a560761e0e672adc50cc6efe4d863d4917239e794d057
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c9bbe742162fa5293b477b57ff3dee85206b67553d0a448a672ca207edf3760
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d78dbbecd229d23f3438cb0692401bc9dd0323a96dbbff657687849c153f7af
8d8d5648a9f1b36dd14faf9950380d6cc10fdb4434ef137af8a1b2032660dc2a
8e11196657c7714a0c107d58302d3196943fb9d38779ceccc9bf08ab89b9c3fe
8ee8cc3524ef2f28cbdcedf01c900a453b41b2ac8406f74023fe5cb8fcdcb308
91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7
927cacfdc833169c7198028d74935bb628fa945bea160684d92ac24a2513c0be
93299e37dcef382ea69e3e4e6fab10fc010ac2127e45e8b3874cbc28a8bf4fb5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93e382a900efba61c3e1a03d38c46678b2f55dd5b5cabfe2a38dcd78c5fdd495
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981921c1fc5f74a7486afe18f42a342c0caf6b4de02476647a4ebc9be8a81e60
98bfc487823740fa3cf98756e8e62451867bfea08f8a6b8a848b2a74c4ef7ab3
98eeae7da9f01d54069ef3d56197ce881d448c5694776e10727746f2246870c3
99a4bbac12ba61a36d59f8b3decba8f90deec6e5c13dfa28a4d2cd65e9f48b7e
9b5a6af364cf3c48620c91908f0538b82cd6bd475f59bec5476e4b65e30780d2
9b74c67c147f5f4f1c65d8c4a2f58b361dc149bce292b83c074f6462cd9ecde3
9e6f8318b9d9b1766bac67f67543acca790025702cc4f565b4db01de19963548
9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05abfa9ba902a9800f3a0a167ef489c66dbe7a072c4143146b69ade3038e321
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2fe8722e4b3f295274b5bc20261be61b319954ad768e38920a77e5cddd991ba
a32d926f7bb8fa275b1d9eda555b8e20534b38afe4e6918f6931b5934f8dd1eb
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
a4a0b85cedb268e0a9ff2b7a5f6b4f6d97ff1fabcb8f68f95251b36fa924e4f3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e05606b9ebdfed1222f72aba2bf464fb426c565c04f95db25e31f275872cc4
a68fcee04f6a1d6cfb2379cb7abf3cadad924ecca77c51f57dd191e7897e1a66
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73f1e987c5c4ba6c6a44858165373f19de25e2a76279fa4074d951df8d152a3
a75bc6748f11f9c8d00e15ac501b01bb0bdc6b95c1a82b385b4ac8c78fdf39cd
a9c088d0bed5d4045ee54d91d4895f923caf85ada29048d8c458c35a6f1fa5e7
aa2cb5be32f08b6785703cde0c424fc80377a73d0c5518a5ac618adacc6c41e7
aa8cc6a5990d8b1b22a60cce1a006516706feaefdc09e5db8d94f41e85097be1
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
aace4c9b060146b9f61eed19bb66274f80496c05abd2bb05b838c75e0ed6e9f2
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
acd9d4cd7d0cb85abe0411ae9419a6edaebfc178ee733ac1b42f4159f1207342
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af12c096e170df6f4065048948d920207f7a9810fcf07896f1744d8dac9e6885
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27bbc6b538839546fe9c525b1cf88a4ff42986fc4c141fb002e152e67ab7149
b29149c7b0f754d9475a99bf20c9fb483a3decfec2ca36b7793bdb627cc11700
b2d748a7780ad4718cc34e8fa177ad0b9cddf64a0d106d4fc8ff40df51891c62
b38605a757493a1c40b44fba5067fc91d45e1fcba2005381bc9a1a8c16ebd05d
b42a8f061d537e435665bdaff50d139a57e2e9cea90aaca41d0e29d535358245
b53c2627dfab90adf4c1390e721a4f4ff030ce216a10f064cf4fea4f17c1a95e
b570ff0b65addb8846c8058012feebb8042ed02092ba8ccf8c104a9947899203
b63ac2b23b1437bea5c260f9f10ef111a261dc2778c65dd9ac59a24ffc51590d
b6cf400994136752808f6b55a50068d1743f1b38409f349504b55adbea3e5511
b9f237c470e5f7e47ebcd83e623e923b39fae432ebf49c6e04710bb056562761
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
bae15f95fbc648c43777ae5f02f3fff34e9066d436f977c03848f7fbf623ce7a
bb3a0b14d2820bcc0d3ebb3aaa6164286aa6bcdee11adf95905e76a75d9fd274
bb72b5f4123d51b4d7f486b834b4fef020000100a01afca311bc99822627dd4e
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd15182f08b6edd3c141ee2d23237e5103788415ca8267b5d8dc539fbd33d323
c08b4b19d3e685e573be8c23b4f455fc0ac3eb111530a13f0a2e73c7b88ed20b
c0adfe08302c6aca5a6134a34b1fe705d888f08a12a4d4aa3102c9c07a08d825
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c0f1d94bb70ffce78152b14fff0708c81d1c3e493f3b9dc0c93fd4e2076a2992
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c29d05994ebf8816d5b84993a6001884d5902dc37478ded7dfc7a0ed46e31c61
c37df288752e6f220cadbb1c1c9a14f987f62316a6987029df22e03e02c192f6
c43915049054d340f1c86af6977b96f8c79291c698bb33228a41a80649e0e653
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c4820acfd38e3af0e4654b00f0e39eb97ede5f9d325ca68170e1adfdc9d72b40
c4da19491323d8d60c03e8853f7ee48a90b310f2b77401549e1ea38c92279dc1
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c5450db47a29ecefc177e0971aebf148dc086bc2cb0cdeb1ce557638372113cb
c5524fec1e5504c4154a12b6097b8ba03a366c961d625c0147f28dbc7b16a34b
c63d04eaeb5e778371fa6382a0bd5496a80b82bef25302e79151489a31e29e5a
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c73804db3104d48cd1b2ff8cdab51e3069f74bd8906915de56b36132850943ce
c8121fc0108df78656b87370d403b619235f07ab18d720d8795529a85f67f1b5
c8d1432f818ce537e575b7808c6df7cec1a9137a78251d477e347a3982c1adc1
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b64e51e10a124f9295d53e256465d2cf2db9060a7099ec9f9f4e064ec0d8f2
c9efd7fc7c05338def25dbdf68063a4efe9d34dd3bc854fae26cff90fbeef9e0
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1
cc403de119d14765db15bcdadc8a2f4be7e32819fc56f976678f3406f196e68c
cd2294234d033ddfaf66ae3a7d45f5ff0636294cd0df1a9b36c863a6ba409626
ce4b251fccd0768f59398f76e9f0f22d0d1d875ea8b745c2c7248713034d814c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf80cc40303fc66454d523ddf9b9601674cc19f699bd840091af34f6ad23332b
cfbf85349e010714e5e86b712ac7dcae4d17f48e9cbff4157d6a995e74a5ac49
d02f0eac80179ced49946852170823b5bbdf962effc707f12b1a42ef10618c1d
d06bb96a2fa14b24dc3007fa87dc1cbd3031fdc6baca346081f57614568482ee
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d15414e3d12080fa59d0fad5f7bc47c71e7d49fcaf998f13ae2f3858cccf4962
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d20b4da129f642804459f05f5a0b911d92c3257796e9e77d51e3fad52d17e5ed
d28a3f7833fdc781f6d80b1354bb20bcf1aa50355525cc092fe0e10e00aff7e3
d2aba43b2f7dc73a8f138c5b6f2380b61a1ce4d706c1b625e896b9c909083555
d46a3ffab4d7121079278f925cb1b39180f62a0c305b065bec8e0305f5b2e4b5
d4928b122a9d092dc5d7c6ef44f4d66b1eff39a58ee33547dddbc1cb44400ffa
d4bc4b0a73c7880a721486b69750fe1290ae7f0cb4e83bf01b988522752794c4
d64ede886a459dc3475ba66135c45fba44d7d68e9a0ecc161af98f1087090822
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d741850cf4fa08cabc8fc8d73a1b099408e4f85e014cd2e08017423ecf9dc1e6
d82e79f001a8e94fe29d762e62e6cb4297738e3a9f5373e74248630a360fa0c6
d99d75a84d928b19c3a8a725a2fc4285412f96242e11af976306a10d51a26eda
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e07e37efcbafd74604f163c877247e93fa0fc269891026f386670427743474f7
e0c668ea42e25726dc5dc1244101d01455e26ac3c7b2da2b7ae9415ea48e4aac
e100b9ec450ea7453713cc233893a533529d0a76803f3b35d922da3cff301968
e13e09fa3c8e7e9dc2c852a608e50cdf97e74a06d28557b0bff8cc5392612155
e17b6ed8992591c71226d4fabf3e3c950fd4fffc596f865ad4dd6f9762ce96c3
e1b49fbe9260523c078550f035d23d8bab2f0a1b5450873965eead957ff0a841
e1ddb0bd4f279f24d00dee6fd0d2c188384b92a99dddfae587f7f0cea876a7e7
e1f3432e50849a4441e0ed30b773a7b5cab00716a62fb4cde1af95cd094d04da
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3440de1ee1bb3ab66c29563e17eb4bf54af4b626d1c5699cda704802a4f1a92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c74232db01d5bf33bab74b26cc3c3bc02c04a70cb539e62bda8391a306a51
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050
e536a158a9991e43e482c7b26796cb761f79a9e9fdf23c1274f8b9c30caecaa8
e5390516c1911fd1e0621b9736946759a56f0d0cff9671e5d4fa2aa11e80b846
e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f
e6600dc3d4a01ea1e1f10f82d3046b4995142fa6c8d5e8564b0c3674f02fd85b
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e85305c861f4d07b53fddbab9bd7a23ccd27f205e2eb088a4d99e2aca5cdab96
e8cef7681505748235ee32368c0fa14d0f63ef2163d50208bc0369df3912770d
e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45
e9c5d540ca15f9e3fe0e7d830e36d306a59481e9cf6f3c9e07be4bdba5732768
eadd8fd658f956e748d413915e11e7ec4d0b481f32be1b76483d61cb8a343316
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec67132e5c9bf3970bb1fd7ff7d1af523ef919c33a0aad70bf3076aff2e5e89d
ecdc1a24a0a56f42da0ee128d4c2e35235ef86acfbf98aab933aeb9cc5813bed
ed063a25eca9287d2f15a3b03460fe21d96da08d395832d368c8bfc61ef11f26
ee0b4a263c36dbbfa3074ac082822dfb8edbdb4aeaaa3b0c39b755ead4bf3110
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef0423678b64273b3ed7c54d42b196336fbf0d0114fd7b018fe3848fcc42478d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fd7e40db07cda820fb7de71f1d901dff4dea6b042433d39277ce581962fd5
f1abb286d1717fdf74dde53c804db0e079607143466de5a8873782d973a9965c
f242962ab816cec971ddfa32f4108054205e7a60fc4216c511a7dc4885d9ca13
f2bdb38871c75238340b8d25ea4ce6023ff045c1472e4bb47373faf66ffbcf5d
f32cf2bda124e2ae84d14dfeee3ae15a41f45797cafb30253a1b30375346e23f
f3ba0e62f56eda713cffebaef2120dba4f5d372c07b6e8fa276e269b336f4090
f4ad7e9484f6692604b3f655fbaea24510d150f8711629b400e3df608e8ee587
f61688005182d603aef2a4c6ef98f941f7337340e7b6db48c6b2bae62eec4a37
f627c263ea8004adc0ce483b25204b1b39437b0c437f8a820b62d1323707c67b
f72f79730eb9cbad4fbf513eb950c1b52aa4f7e7013566ee70f29f1696dfae9a
f74a32e5a4f6d1cae28c38950b2295074af158c8c1d30af26cd94151cf62ce15
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f9047b80e8f427e88ee89204e2425aacb25d3916a00faa2a536e328fcafec318
fa76424920e150778194ca1b8ed906ee70bd35b17ac01aa25f2293249c108777
fb58471848f71c62b2d36d8c3c495acf62109dd480bc0a0bb013f078655cb9ff
fbc2996447e9dca6dc4afaaff217feffd2e046c5a2811ef8c880fccf7a1df7df
fc375e5895482c998a5d2df369d3e4fa035e4d5df110a75bf343da53d713ace7

bongdaplus.vn Open in urlscan Pro 42.117.1.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

644 Requests

92 %HTTPS

33 %IPv6

73 Domains

131 Subdomains

108 IPs

15 Countries

11072 kBTransfer

21632 kBSize

75 Cookies

5 Outgoing links

Redirected requests

644 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bongdaplus.vn Open in urlscan Pro
42.117.1.227 Public Scan

Screenshot
Live screenshot

Full Image

644
Requests

92 %
HTTPS

33 %
IPv6

73
Domains

131
Subdomains

108
IPs

15
Countries

11072 kB
Transfer

21632 kB
Size

75
Cookies

644 HTTP transactions
13 data transactions