tinhte.vn Open in urlscan Pro
125.212.247.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tinhte.vn/members/nflowtech.2978799/
Submission: On May 24 via manual (May 24th 2023, 1:30:23 pm UTC) from IN — Scanned from DE

Summary HTTP 95 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 12 domains to perform 95 HTTP transactions. The main IP is 125.212.247.8, located in Ho Chi Minh City, Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is tinhte.vn. The Cisco Umbrella rank of the primary domain is 128625.
TLS certificate: Issued by R3 on March 6th 2023. Valid for: 3 months.

This is the only time tinhte.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	125.212.247.8 125.212.247.8	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
23	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
95	20

18 125.212.247.8 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

tinhte.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com 1 redirects 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	136 KB
18	tinhte.vn tinhte.vn — Cisco Umbrella Rank: 128625	264 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	138 KB
9	google.com apis.google.com — Cisco Umbrella Rank: 109 region1.analytics.google.com — Cisco Umbrella Rank: 3686 accounts.google.com — Cisco Umbrella Rank: 33 adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	120 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	206 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 589 fonts.googleapis.com — Cisco Umbrella Rank: 35	36 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	131 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	230 B
2	google.de www.google.de — Cisco Umbrella Rank: 6080 adservice.google.de — Cisco Umbrella Rank: 9037	939 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	114 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	159 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2230	54 B
95	12

	Domain	Requested by
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com tinhte.vn www.gstatic.com 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com www.googletagservices.com
18	tinhte.vn	tinhte.vn
14	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
8	www.gstatic.com	tinhte.vn accounts.google.com 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net tinhte.vn 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
3	785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	accounts.google.com	apis.google.com tinhte.vn www.gstatic.com
3	apis.google.com	tinhte.vn apis.google.com
3	www.googletagservices.com	ajax.googleapis.com 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
2	www.facebook.com	tinhte.vn
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	connect.facebook.net	tinhte.vn connect.facebook.net
2	www.googletagmanager.com	tinhte.vn www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	tinhte.vn
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ajax.googleapis.com	tinhte.vn
95	23

This site contains links to these domains. Also see Links.

Domain
camera.tinhte.vn
nhattao.com
www.facebook.com
xe.tinhte.vn
nflowtech.com
feeds.feedburner.com
www.khacten.com
apachai.com
www.1tudien.com
www.5giay.vn
www.webtretho.com
bkvn.com
fb.com
twitter.com
www.youtube.com
plus.google.com
mudim.googlecode.com

Subject Issuer	Validity	Valid
tinhte.vn R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://tinhte.vn/members/nflowtech.2978799/
Frame ID: 1C7CAE0E0CA0AD80C004C9C316A75A2B
Requests: 44 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 2769B5EDA6525C74C6223423A0468B7A
Requests: 4 HTTP requests in this frame

Frame: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84584E1A13AC78BA369ABC5834AD24E4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E03911F1997C06C9FA64C3ECB9BFB27
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A00409494492886C8D054A700517609
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 926FCB96500C1354E81790938822115D
Requests: 2 HTTP requests in this frame

Frame: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 347A5E0C40E39CCC7DC2B8690024A28C
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: AB148A7F78E260B709419FFD9CFE37CC
Requests: 1 HTTP requests in this frame

Frame: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CBE84099AF78E80D384D844342ED4BC5
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: BEE41C3B3E8137FE5D328C69FBC8BCDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nflowtech | Tinhte.vn

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

99 %
HTTPS

95 %
IPv6

12
Domains

23
Subdomains

20
IPs

4
Countries

1305 kB
Transfer

3685 kB
Size

12
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://camera.tinhte.vn/
Title: Camera

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/camera.556/
Title: Mua Bán Camera

Search URL Search Domain Scan URL

URL: http://www.facebook.com/camera.tinhte.vn
Title: Facebook

Search URL Search Domain Scan URL

URL: https://xe.tinhte.vn/
Title: Xe

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/dien-thoai.543/
Title: Mua bán điện thoại

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/may-tinh.553/
Title: Mua bán máy tính

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/may-tinh-bang.548/
Title: Mua bán máy tính bảng

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/do-cong-nghe.562/
Title: Mua bán đồ công nghệ

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/xe.532/
Title: Mua bán xe

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/dien-may.602/
Title: Điện máy

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/sim-dien-thoai.533/
Title: Mua bán sim, sim 3g

Search URL Search Domain Scan URL

URL: https://nflowtech.com/insights/category/seo/
Title: https://nflowtech.com/insights/category/seo/

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/tinhte
Title: Tinhte.vn RSS

Search URL Search Domain Scan URL

URL: http://www.khacten.com/
Title: Khacten.com

Search URL Search Domain Scan URL

URL: https://apachai.com/
Title: Apachai

Search URL Search Domain Scan URL

URL: http://www.1tudien.com/
Title: 1TuDien.com

Search URL Search Domain Scan URL

URL: http://www.5giay.vn/
Title: 5Giay.vn

Search URL Search Domain Scan URL

URL: http://www.webtretho.com/
Title: Webtretho.com

Search URL Search Domain Scan URL

URL: https://bkvn.com/
Title: Biker Vietnam

Search URL Search Domain Scan URL

URL: https://fb.com/tinhte

Search URL Search Domain Scan URL

URL: https://twitter.com/tinhtefan

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tinhtevideo

Search URL Search Domain Scan URL

URL: https://plus.google.com/+tinhte

Search URL Search Domain Scan URL

URL: http://mudim.googlecode.com/
Title: Mudim

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

95 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tinhte.vn/members/nflowtech.2978799/ 57 KB
16 KB 1123ms
547ms Document
text/html 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL

https://tinhte.vn/members/nflowtech.2978799/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),

Reverse DNS

Software

nginx /

Resource Hash

6468d8eae0646f81042b0fae4a527e49928c0ec8e2cc27ee0b7059e64c811f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-control: private, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 May 2023 13:30:16 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Wed, 24 May 2023 13:30:16 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

GET
H/1.1 200
OK css.php
tinhte.vn/ 87 KB
19 KB 541ms
541ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=xenforo,form,public&style=85&dir=LTR&d=1684722403
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 38a0cab40a9e38b9d9de8917056e09aaebae7f40ab8ad28b8fba99de8abec7f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 02:26:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 16 KB
4 KB 383ms
274ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=bdad,bdsigninwithapple_button,facebook,google,login_bar,member_view,message_simple,nat_public_css,twitter,uix_extendedFooter&style=85&dir=LTR&d=1684722403
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6d037e538a58d57577002b0cc2f54ec670a8fac3110f05ca760436030f186577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 02:26:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 78 KB
16 KB 663ms
279ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=uix,uiflex,dimota&style=85&dir=LTR&d=1684722403
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: c925de120c3e4e5360949cb3899d31179e23689428ff8f090cec31748668e0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 02:26:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 36 KB
8 KB 806ms
272ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=EXTRA&style=85&dir=LTR&d=1684722403
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3dd183b281d3f2fe04a206f55e78914f5edb6da7dab09584d821a64998180ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 02:26:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK font-awesome.min.css
tinhte.vn/styles/uiflex/uix/css/ 28 KB
7 KB 805ms
271ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/styles/uiflex/uix/css/font-awesome.min.css
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2023 08:04:46 GMT
Server: nginx
ETag: W/"646dc51e-7187"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
Cache-Control: max-age=31536000, public
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 11:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 May 2024 11:30:08 GMT

GET
H/1.1 200
OK xenforo.js Show response
tinhte.vn/js/xenforo/ 166 KB
53 KB 819ms
278ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/xenforo/xenforo.js?_v=5e07e9ea
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d4abe0ab3ebdcc83eccd33a616828aef540e3eb1392169c9cd97ea71ac6dff2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: W/"646dc51d-29747"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H/1.1 200
OK cors.min.js Show response
tinhte.vn/js/bdReroute/ 302 B
632 B 820ms
270ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/bdReroute/cors.min.js?_v=5e07e9ea
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: a721e5bcec174ca1fb65ddcd5fce3fe7c73f62dbd1a28ab6376b282e70985f80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: "646dc51d-12e"
Vary: Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 302
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H/1.1 200
OK quick_reply_profile.js Show response
tinhte.vn/js/xenforo/ 2 KB
3 KB 826ms
271ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/xenforo/quick_reply_profile.js?_v=5e07e9ea
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d7fa4d8d6241eac2c0a2a7ad98c59a0b51291800f549b8abec82c9ec697c4f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: "646dc51d-989"
Vary: Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2441
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H/1.1 200
OK loader.min.js Show response
tinhte.vn/js/bdAd/ 3 KB
3 KB 943ms
280ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/bdAd/loader.min.js?_v=5e07e9ea
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4e85bc98122717e398bc7a85587e79c0c4761e6eda4b9b48757936c284383ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: "646dc51d-a3d"
Vary: Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2621
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H/1.1 200
OK mudim.js Show response
tinhte.vn/js/vim/ 21 KB
10 KB 1078ms
271ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/vim/mudim.js?_v=5e07e9ea
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: c8866444fa94d600f25d84554edc9d6ed1aa0b2c4f232057040ceec743e4779c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: W/"646dc51d-55df"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H/1.1 200
OK preview.min.js Show response
tinhte.vn/js/Tinhte/XenTag/ 448 B
778 B 1077ms
270ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/Tinhte/XenTag/preview.min.js?_v=5e07e9ea
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 74d7769cba3b7e8b597892ce352e3130f38ba2056a74c7b944e262d64b89f1a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: "646dc51d-1c0"
Vary: Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 448
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H/1.1 200
OK functions.min.js Show response
tinhte.vn/js/audentio/uiflex/ 143 KB
35 KB 1362ms
542ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/audentio/uiflex/functions.min.js?_v=5e07e9ea_1.5.21.0_2
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: c7428f4465dd36da8014a7f90613f1ce73deeefd2cf31ee056c13f2a73137f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2023 08:04:45 GMT
Server: nginx
ETag: W/"646dc51d-23ae2"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Thu, 23 May 2024 13:30:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
87 KB 157ms
68ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2d979d698b778dea5b3d75dd5941f7e2ce26f34c46a3d72f76b3cacd48ecade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 May 2023 13:30:18 GMT

GET
H/1.1 200
OK logo_small.png
tinhte.vn/styles/uiflex/dimota/ 7 KB
7 KB 269ms
268ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/uiflex/dimota/logo_small.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: b7fcae64a91e4fe18790234505d58c7c38222526b359f69035710c1942e33f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:18 GMT
Last-Modified: Wed, 24 May 2023 08:04:46 GMT
Server: nginx
ETag: "646dc51e-1a26"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 6694
Expires: Thu, 23 May 2024 13:30:18 GMT

GET
H/1.1 200
OK avatar_8.png
tinhte.vn/styles/default/TinhteMods/avatars/ 9 KB
9 KB 249ms
248ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_8.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 32d093159756c9c2270cef89318f1e0f77e97ebd48e38156df4c28bbc2aa91e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/members/nflowtech.2978799/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:18 GMT
Last-Modified: Wed, 24 May 2023 08:04:46 GMT
Server: nginx
ETag: "646dc51e-22e4"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 8932
Expires: Thu, 23 May 2024 13:30:18 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.5.2/ 16 KB
6 KB 348ms
42ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.2/firebase-app.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7115cf06d4df2dac1341740391401d708853a555b5b5bbfdf135491e9e58446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5581
x-xss-protection: 0
last-modified: Fri, 06 Dec 2019 21:21:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 05:27:17 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/7.5.2/ 22 KB
7 KB 75ms
45ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aaff843d07f3d074dd6dc797a05226cccff351ee6ce849b316070b54a6e8701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7256
x-xss-protection: 0
last-modified: Fri, 06 Dec 2019 21:21:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 14:11:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 122ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 May 2023 13:30:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27497
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fxgAogBBNVyyXbvTtI7FbG5KcRl7nZy0IRru6Haj8jZKBFt5v9fZPOiGmag0QqgoU/JEgE1eWERhQJYPyutEtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK issue144_66x66.png
tinhte.vn/styles/uiflex/ 3 KB
3 KB 246ms
246ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/uiflex/issue144_66x66.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/css.php?css=EXTRA&style=85&dir=LTR&d=1684722403
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d1904ce3bf0eec24efb6dc26d4a75882d2d781925309ec88b0136b1b02045476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/css.php?css=EXTRA&style=85&dir=LTR&d=1684722403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:18 GMT
Last-Modified: Wed, 24 May 2023 08:01:10 GMT
Server: nginx
ETag: "646dc446-a1d"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2589
Expires: Thu, 23 May 2024 13:30:18 GMT

GET
H/1.1 200
OK form-button-white-25px.png
tinhte.vn/styles/uiflex/xenforo/gradients/ 192 B
508 B 245ms
245ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/uiflex/xenforo/gradients/form-button-white-25px.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/css.php?css=xenforo,form,public&style=85&dir=LTR&d=1684722403
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/css.php?css=xenforo,form,public&style=85&dir=LTR&d=1684722403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:18 GMT
Last-Modified: Wed, 24 May 2023 08:04:46 GMT
Server: nginx
ETag: "646dc51e-c0"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 192
Expires: Thu, 23 May 2024 13:30:18 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
tinhte.vn/styles/uiflex/uix/fonts/ 70 KB
71 KB 254ms
254ms Font
font/woff2 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/styles/uiflex/uix/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/styles/uiflex/uix/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://tinhte.vn/styles/uiflex/uix/css/font-awesome.min.css
Origin: https://tinhte.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 13:30:18 GMT
Last-Modified: Wed, 24 May 2023 08:04:46 GMT
Server: nginx
ETag: "646dc51e-118d8"
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://tinhte.vn
Cache-Control: max-age=31536000, public
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 71896
Expires: Thu, 23 May 2024 13:30:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
25 KB 176ms
87ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?origin=tinhte.vn&_=1684935017540

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a5a6a3550629fab40c305061f38ee37e8805f35635b67a4d7ce066f1687bb72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25311
x-xss-protection: 0
server: cafe
etag: 411 / 19501 / m202305180101 / config-hash: 11214031862051598875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:30:18 GMT

GET
H2 200 api:client.js Show response
apis.google.com/js/ 18 KB
7 KB 137ms
48ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/js/xenforo/xenforo.js?_v=5e07e9ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601011cf2e653026a810c298d57b01536a51e0edccf07810c11675c7522eeb2a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 May 2023 13:30:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7118
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "4efb9e2f91fd06ea"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 13:30:18 GMT

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/ 623 B
675 B 358ms
358ms Fetch
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0edf333f58b6eb48c1187af6e38afb1a762b8e858757e8c26643ecb0b2068e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://tinhte.vn/
x-goog-api-key: AIzaSyDWAPFMaWXFbERvNRUpiMdEvvVEo4_4gtc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 485
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/ Frame 0
0 152ms
51ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://tinhte.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://tinhte.vn
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 24 May 2023 13:30:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 480704548985430 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/480704548985430?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9180951f2607bef1f27ae9efb7dbfc1ae75394128eff4da38090ca67a60c955f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 May 2023 13:30:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87924
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: STWBfcFz8OO4l69jMvKzIbSxgX7zU9YcPW6UWpC5sHopnQ78xgcUuwc9CpVj/ehAnDjZhmK5vaI5XFbDt780yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/ 315 KB
108 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a16432c9b5501a7ded930d43ecc113abd3f58704b22f4fe7a5156f841d46e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 23:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109962
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 23:24:28 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/ 62 B
154 B 129ms
129ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:57:36 GMT
x-content-type-options: nosniff
age: 117162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 04:57:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 139ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EHPF9BTE3E&gtm=45je35m0&_p=1615264951&_gaz=1&cid=411576919.1684935018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684935018&sct=1&seg=0&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Fnflowtech.2978799%2F&dt=nflowtech%20%7C%20Tinhte.vn&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 144ms
48ms Ping
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EHPF9BTE3E&cid=411576919.1684935018&gtm=45je35m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L2J9ZH0B0E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4085a696936b5ec53fd22e2c44cefead8227802b0b3ce0f48f9ddba8d30d4e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 May 2023 13:30:18 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 168ms
78ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EHPF9BTE3E&cid=411576919.1684935018&gtm=45je35m0&aip=1&z=609122489

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=480704548985430&ev=PageView&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Fnflowtech.2978799%2F&rl=&if=false&ts=1684935018437&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684935018436.1737755763&it=1684935018316&coo=false&rqm=GET

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 May 2023 13:30:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/ 408 KB
126 KB 148ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?origin=tinhte.vn&_=1684935017540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 09:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13743
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128769
x-xss-protection: 0
server: cafe
etag: 11452098575748349983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 23 May 2024 09:41:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 60 B
592 B 181ms
74ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinhte.vn

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?origin=tinhte.vn&_=1684935017540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aca76e18451aef01eb2d1ffc4e9773d561def4b7fc9d31dcd08f09a7555d645e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
x-xss-protection: 0
expires: Wed, 24 May 2023 13:30:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L2J9ZH0B0E&gtm=45je35m0&_p=1615264951&_fid=dpcDRX1XxKomg3dvyqw388&cid=411576919.1684935018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684935018&sct=1&seg=0&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Fnflowtech.2978799%2F&dt=nflowtech%20%7C%20Tinhte.vn&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2J9ZH0B0E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 2769 280 B
1 KB 141ms
52ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f050f74cb21b55f33af1953889cf7412b2c9dacf0f4a4e69b79acece29a8a5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DV0HOoXvOeRQXABw69dm8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DV0HOoXvOeRQXABw69dm8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:30:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.qnYSxJIaCys.es5.O/d=1/rs=AOaEmlFefDlc-P5LfTibVsKYCVCN_p5rhQ/ Frame 2769 101 KB
35 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.qnYSxJIaCys.es5.O/d=1/rs=AOaEmlFefDlc-P5LfTibVsKYCVCN_p5rhQ/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d3c63a3abb186a48ac52bfc3f1fbad81a8b6f1a9ae59a421a4c821b1871d13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35329
x-xss-protection: 0
last-modified: Sat, 13 May 2023 00:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 22:57:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 137ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tinhte.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 138ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tinhte.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 117 KB
38 KB 867ms
866ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3554119150681467&correlator=1127472514561894&eid=31072879&output=ldjh&gdfp_req=1&vrg=202305180101&ptt=17&impl=fifs&iu_parts=3823916%2CTinhte_Desktop_Forum_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2628168687&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1684935018753&lmt=1684935016&dlt=1684935016720&idt=2004&adxs=436&adys=125&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftinhte.vn%2Fmembers%2Fnflowtech.2978799%2F&frm=20&vis=1&psz=1600x90&msz=728x-1&fws=4&ohw=728&ga_vid=411576919.1684935018&ga_sid=1684935019&ga_hid=1615264951&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad2dda4ed3d0bb25b3a85296abf85865113585c9873460b24b9ec2c3a96df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38253
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
41 KB 1380ms
1379ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3554119150681467&correlator=1127472514561894&eid=31072879&output=ldjh&gdfp_req=1&vrg=202305180101&ptt=17&impl=fifs&iu_parts=3823916%2CTinhte_Desktop_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=983309566&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1684935018787&lmt=1684935016&dlt=1684935016720&idt=2004&adxs=436&adys=810&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftinhte.vn%2Fmembers%2Fnflowtech.2978799%2F&frm=20&vis=1&psz=1138x90&msz=728x-1&fws=4&ohw=728&ga_vid=411576919.1684935018&ga_sid=1684935019&ga_hid=1615264951&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95ae65450ec3200ab5bf28c4a0afaa0828ce381e69b5bc751c79c76f06878acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41510
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8458 6 KB
3 KB 180ms
47ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:30:18 GMT
expires: Thu, 23 May 2024 13:30:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 2769 2 KB
915 B 58ms
57ms Other
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

683de4b908bf5e289f918f7479b0fad1f8dc7e0f7a7221195446671de58a6e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 2769 49 B
663 B 56ms
56ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Ftinhte.vn&client_id=572333712218-17emelrtbjqlumrd326fbnrjb2ma4kh5.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.qnYSxJIaCys.es5.O/d=1/rs=AOaEmlFefDlc-P5LfTibVsKYCVCN_p5rhQ/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-bzcHuUHcVvcGAk_yIhYYOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-bzcHuUHcVvcGAk_yIhYYOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 24 May 2023 13:30:18 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 0E03 0
45 B 41ms
40ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://tinhte.vn
Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://tinhte.vn
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:30:18 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 183ms
89ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cdd51d758c24dd4609ea9a59fcd5d5b4f4ac3470fb4fb0f165cc659f167cfec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11112
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 154ms
59ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 May 2023 13:30:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A00 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:06:46 GMT
expires: Thu, 23 May 2024 13:06:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 926F 783 B
1 KB 149ms
60ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97b8570c5d15f9ed6c0c47a7aaa08440b8d47f04b398444a7957c1998f3953f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s5SN2H0L2snp3pNAh2QtGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-s5SN2H0L2snp3pNAh2QtGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:30:19 GMT
expires: Wed, 24 May 2023 13:30:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A00 37 KB
14 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 11:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 11:34:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 926F 0
0 74ms
73ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305180101&jk=3554119150681467&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A00 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Dbh5aw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 347A 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:30:18 GMT
expires: Thu, 23 May 2024 13:30:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 347A 4 KB
1 KB 140ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 13:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 13:13:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 13:30:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 347A 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 347A 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C18IiahFuZKTzM4-qnsEP_PS5qA_vg8Shbr_Ir6y_DszHmqb9CBABILqSnpoBYJWCgICQB6ABsLqh1wPIAQmpAl9W57-wGLI-4AIAqAMByAPLBKoE9AFP0G-ST2G1CycWEHfhqNptrHQaS-g7Zp6a3dit2XDdA2fjnvz3WJzSdWdBCeMNkWJwaZPXIYqcxLoae_ymuTZ7g_Sn5deX0yEiagB7PF6amSAKRlWlo-QxQ4By468atVDKOBOhWq-I8GX1zsbiK7j0qo30P-oYGPe8UGAR6T821zAMvqEktYF7ZtGZoGpYEiVISvZ_BNMLa4ftWvyP1QW0NjUtc54xHwdA_OujeX4Bxs-C-xuRnxUNHfa-6B2HZ398vMfocGgR335Du4aWqBTUc6QhsMQzcLuTtkAaD-VO3-hFFYOufWnIcdNfg1DAmj0vQMxVwATJmKmq4APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCJzQPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQC0BUBgBcBshceChwIABIUcHViLTE1NDg3MDE0NDMwNjk4MjEYtOwP&sigh=SmB60rt9V3U&uach_m=[UACH]&cid=CAQSSwBygQiDWy3jvrXmwj0lYQNEXf3bTvPL1nIzhFd5hh6XyyexKp2vT3q57sFjt7ygyxTLUEUoQy6tVGtEan-t2Ip7DoeJ_lQ9no7bgRgB&template_id=494
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 347A 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 347A 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 10:41:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 347A 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 347A 171 KB
53 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 13:30:19 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 347A 32 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 347A 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 347A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

40ms
40ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 19:41:57 GMT
x-content-type-options: nosniff
age: 323302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 19:41:57 GMT

Redirect headers

date: Wed, 24 May 2023 09:29:51 GMT
x-content-type-options: nosniff
server: cafe
age: 14428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Jun 2023 09:29:51 GMT

GET
DATA 200
OK truncated
/ Frame 347A 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fafdfbb5c73d056bb8efaeee32abc44948da13359d9914484eccf971856063c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 347A 16 KB
16 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 318404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 21:03:36 GMT

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame AB14 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/members/nflowtech.2978799/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 11:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 11:34:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305180101&jk=3554119150681467&bg=!Hh2lHUnNAAZ8_aWmXP07ADkAdvg8WjrFXsG8kej4BNZdfT9zPLsOOrBVLvpbUlGfQ75URmT35Bck70nVIcIyT0uChb14Vi8lSoACAAAAR1IAAAAEaAEHmQKcUyrPaZbgRQoYyPrjZpepETJ-DfhmeCsdJAXCzlyEr0xg-v7vgyjYl51a6Ibg3LU9lPjtx_8tZECiifgwk4bxw_Q-lDq3F6OvGIS8OjDlqGM71k-xTUmS_OmiweZg63rXCpauHUmmPTvxj2P36tvjq4E1R3CMphaJBEnYalH8b9IOa19iQHwnSZ1iv6rLQW4Uqi9dteZ9GTe2oseY7pdxzCrsuY3f8vR2LfQCwT3mOQln_nZ_vO4aa438hEBmLTbaRZ7lYFBHbmSfe8a58Gh9X4tbykNlIYjMpPTVD5r3SRAk5xdDr17yfZQ5aAJbozMLVUHKMYRrnYR_YwzLArkLYWPeeCa4kGesTldg0W3PUbpU2omHm4W_8XuLq6eZ2qZFqRbwvrOIJDs9Tit6pG2hOYYDYzclrt07jWpk1eK2oLSZZ8p6ke2xQXTPZ3liFA0JAKOPDuR-4ISGxxCgrQpEvsV-K1Nb7Rhfc8QopsBPpDiz7zs7-okY-4aR-TFYHt2IN8lML2XnkDRTmV87gyEeCPFRLKPA6YnR9MImzL-NdFZKYDMUVNq9Eqe1--IEyXQTpJ7zGtsyyKRv2iBKJw4rTc0Fe8vOO6Pqt5pCVehndpJoJmYPB_4FNU9Jx7_J3EYI88ulwP1nqpHy7SUhbql7iUgh67NY7h1XTpa45AICqd7l0ZcVVKvt6J4X-o--nYbkzPhN6YN2yROhE9uouXTz2yqXa9Mq3OpF44fYy4Z-X_N0mKit4Hz2QeXj_hhQRN4XBs7awtWK-70NkvLKbT7X4Hg4uSBzJJQVTuDvjPWVA5DP1jRZz2psSGtTrtSsUy8nOjnobeSaJMEe74xbZyH_pyuhtjn-LmlYPwbsN0qXbpiNZRTPdUL2A_OvqBc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 container.html Show response
785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBE8 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhte.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 13:30:18 GMT
expires: Thu, 23 May 2024 13:30:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame CBE8 8 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:26:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:24:23 GMT

GET
H3 200 d1bbada8119eddf93206e27576ae28d4.js Show response
www.gstatic.com/mysidia/ Frame CBE8 18 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e0f1700b1d1dcfe759e56eb0d0b5059000ead196eff285702dc59c757d493c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7721
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 16:44:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CBE8 14 KB
1 KB 53ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 13:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 13:14:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 13:30:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame CBE8 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame CBE8 6 KB
2 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 00:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 00:47:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame CBE8 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame CBE8 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 10:41:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame CBE8 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBE8 171 KB
53 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 13:30:20 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame CBE8 32 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 14044378171500417091
tpc.googlesyndication.com/simgad/ Frame CBE8 16 KB
16 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14044378171500417091?w=100&h=100

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

722050a67eb3739f2447b77be53381aef2915b6188cab9a485518f5c3388e0f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 09:19:31 GMT
x-content-type-options: nosniff
age: 360649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16434
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 08:37:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 09:19:31 GMT

GET
DATA 200
OK truncated
/ Frame CBE8 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAACBAMAQKDRADIQAAANDMrF1AMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAKIQAAAAAAAPA_MAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRANIQAAAAAAAAAAMAQKDBAeKgY3Mjh4OTAwBAoMEBkqBjcyOHg5MDAEEhpDSWUwd0lxSWp2OENGU0c2SndJZEJ3SUNQQSImbG9jYXRpb24vbG9jYXRpb25fZXh0ZW5zaW9uX2Jhbm5lcl9vY2goHA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAOIQAAAAAAAAAAMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAEIQAAAGBmpl5AMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAPIQAAAAAAAAAAMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAADRAMAQKDRAFIQAAAGBmxl5AMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CBE8 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqb7EaxFuZMfSJKH0nsEPh4SI4AOTipSycJudkZOeEWQQASC6kp6aAWCVsoKCmAegAdj2lrcCyAEJqQJfVue_sBiyPuACAKgDAcgDywSqBPMBT9AhUMAS69qIWn7MlWmGkuL_tfLFU6jDbwZ_i9y2Ekk4pgeJHj2qu10jdM-tO_vBGAW-cl6YxLyur8L0oWMfyuhk7pHGQVcAW79Fze_OjKp-4GUsIboxBMB24I-o4X45jc95HOHgWnEjFICQD3o5KFfCaDd5duevd5ft137E3KiVN2ONzU8H4WX2UK94KiN-9HyOaLtkamHubsPcX2SxNxk12vARY3s2L29ZiEGJfGt8oTlWgPNgDP2i87CWtf9cZEzlcvkjJJYU0ZRz3wm47RZAX7BmuStxnDsHcZnLWneo22LfOxePz4HK41QbQnJtb5FKwATdj9_6_APgBAGSBQQIBBgBkgUECAUYBKAGLoAHkInpyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC-owLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoByAsBmAyX4L2WhAS4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTE1NDg3MDE0NDMwNjk4MjEYtOwP&sigh=Sd59Raoraus&uach_m=[UACH]&cid=CAQSSwBygQiDNYp3ZwbUjXx-ImxdvmjPlM17mvxG2lwhYrFTFpNhUHt2CzFyqzQd8Uzcxgoo72-aV0E2cyaRYyAXQ_uFOyrUU3CL0OeirxgB&template_id=515
Requested by: Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CBE8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f3c5cc597b51f7245fe050b91df877995574747d19e3bf0b08f3f999c76349

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 76ms
76ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CBE8 33 KB
33 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 66063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:09:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAUIQAAAADwofZAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAADAzM2ZAMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame BEE4 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: 785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
URL: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 11:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 11:34:47 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE8 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAyIQAAAACYmek_MAQKDRAzIQAAAABoZvY_MAQKDRA0IQAAAABoZvY_MAQKDRA1IQAAAABoZvY_MAQKDRA2IQAAAABoZvY_MAQKDRA3IQAAAABoZvY_MAQKDRA4IQAAAAA0M_s_MAQKDRA5IQAAAEAzM0VAMAQKDRA6IQAAAKCZmUVAMAQKDRA7IQAAAGhmlmNAMAQKDRA8IQAAAGhmlmNAMAQKDRA9IQAAANDMvGNAMAQKDRA-IQAAAAAAUGRAMAQKDRA_IQAAADAzU2RAMAQKDRBAIQAAANDMzGZAMAQSGkNJZTB3SXFJanY4Q0ZTRzZKd0lkQndJQ1BBIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fYmFubmVyX29jaCgc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d1bbada8119eddf93206e27576ae28d4.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 347A 42 B
174 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaKnUyJ3TrQfnBxCTYSqylA6BPcLAecfnud8D60wjZQP2v8AKqHmuHPQauHbBdNEkHBBldG9mAvocqwtyl0oTTR9iiVcmagLblmP_tr8-RmsuZmDf1Cs-_W5vVQjXIUOVzkJTFfw&sai=AMfl-YTfBADCgR4g0tzZrOsdZikbWpk2dHdrxeXYJ90OqUYQsTrPB32CX0J-leg_xVx7snQ1pXzTGBaabnTwTaOt0vZ7F6zTjtXEBHrhLAaVYATLb44GqUW8I56fIqJzShlGE0vvb2CDoTyeWos8&sig=Cg0ArKJSzJAcRQ5EKY7WEAE&cid=CAQSSwBygQiDWy3jvrXmwj0lYQNEXf3bTvPL1nIzhFd5hh6XyyexKp2vT3q57sFjt7ygyxTLUEUoQy6tVGtEan-t2Ip7DoeJ_lQ9no7bgRgB&id=lidar2&mcvt=1000&p=125,436,215,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2628168687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684935019679&rpt=235&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBE8 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstacq2zPkVettMrUfdMQdJpSYkf_CZa6thAR3qKT2At9YTgvIs5BAmmx2meFisBmjtUTLVNm8nBabwgKmizW0HrMsIM1GElY0KqwkVH45BpSUk9OMd__jVFtWBMx4gy1CgiNKYZMkUEgu3OlCmJGj8Nit_uUDRKSnPoD4Y2AbUPXT10XlRXQ2gHRSp7flrb2AGdqvTSecioXn4x1Bu_ZsIUBrEkvL94VHyfuGOIBlot9Cx88_t7FOZYeIaPdSbqmgDrcd2rvzVvIRaby_1I8SJGPJEAiWtqz0EpCGI6eZk0sp5KYK7-XrIKc_XnbpNQLdCZkDzasGC8gd_r3NB8Rh_ZxCvPaNHHdV270rBZo0pOWAtmWqJ6DedZ72G95hGJMQtLcpPIPoS0DIcLbYHzVO0RQm3xFDJtDd3WUj3hzjGpJkEtvvyD6YYCIHabOJ60NLbXg90ApesfOPYzn0NC4lHn2-v4AAOgTmvrAZFMET2RLTyldMrQjhNdzdnUfaGEvC6yby4uu4EK_5istB-fr00whTE-ufASI600hAH4TZSaToHGwzwc7uTJERs8FykgU_V6OqmCYG8vamaZfh7ynzuM0M2_rp0U6GYNKTluuKmTYha1vU62meX_hUweIZCX6Usfs-qBg0grluY366u8ZnkAhq4xre3ue6wmK07Dj-O_jBPVZWNz4FHUAgw_4yNWgfLbB5EtHjJTQEIo9g8T6aValzqqvBZ97F8Gt6p9SOel4FNUtuLRjcCKHwaiZ9mxmI1a2ejrNwDMcjt86bCb3G0fj1z-Txi6jEyCxhWaqG4vVe-GOlU0NJKmg6C1qC3Qy9zzwscD9pyYFFpib6PkMO92a-7d4vFCWrpMlOuuj_jZxTqYM15PHESVFXlfy5wEM4TJQfZlBadGakfotJcvFeE9ZB0bJf95b3iMYhSa78Tv6GhdT-dMbYO2uPq-i_W-ue6-SDZGYxZGA-H8UNaPqNwiDQbFzzY_qmsGVINUk161XzcowqQ-nMW7zwcEkCxltIpEeX65lOEqPNF0FRXqPwXxOyXL0jpSYE4WPniBwBvRhvuFScyVMCVb7UIfbmJ_5epNFask5nEfDcfFt_SXSbyjhnE3v6x00U9ago1Kpbs2ng&sai=AMfl-YRa1XPlTs3HFbShyANvoWaqNyS905fd38pPUxzVG7UNOXPJjsNiozxDEtTe1k38AEe6tlRWEeaejI9Mc3Vx0zvaBTNIVIFBA00cOoQ9Ts0ozRc40zKMT_L1ZLqXtq4po4c7pAUq_mJrcJOYXmLdMsKEkUc12SH0TQ&sig=Cg0ArKJSzDYE9TiEl4A4EAE&cid=CAQSSwBygQiDNYp3ZwbUjXx-ImxdvmjPlM17mvxG2lwhYrFTFpNhUHt2CzFyqzQd8Uzcxgoo72-aV0E2cyaRYyAXQ_uFOyrUU3CL0OeirxgB&id=lidar2&mcvt=1000&p=810,436,900,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=983309566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684935020188&rpt=179&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 13:30:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinhte.vn/	1969-12-31 23:59:59	Name: tt_session Value: cb26705088e8229ba88a49ebaaacc5c2
tinhte.vn/	1970-01-20 12:12:19	Name: xf_vim\|mudim-settings Value: 26
.tinhte.vn/	1970-01-20 21:38:15	Name: _ga_EHPF9BTE3E Value: GS1.1.1684935018.1.0.1684935018.60.0.0
.tinhte.vn/	1970-01-20 21:38:15	Name: _ga Value: GA1.1.411576919.1684935018
.tinhte.vn/	1970-01-20 14:11:51	Name: _fbp Value: fb.1.1684935018436.1737755763
.tinhte.vn/	1970-01-20 21:38:15	Name: _ga_L2J9ZH0B0E Value: GS1.1.1684935018.1.0.1684935018.0.0.0
.tinhte.vn/	1970-01-20 21:38:15	Name: G_ENABLED_IDPS Value: google
.google.com/	1970-01-20 16:25:46	Name: NID Value: 511=sRlqa89u3V5eJta0hP2E_tgoCn14KXXJtF2AKXimCvAQonkZQzafQ2Qb9Ev6wVCR4Zx_GS2ujbXIO-KmAtWO1sAnAdfhk5K5oHsNQEZkqZcIlIvIgUukmlfPHnugu5xj72SRFeSwB7nBgZqFDNYnjMLk4TGukoPu2luLGIN_yXo
.doubleclick.net/	1970-01-20 21:23:51	Name: IDE Value: AHWqTUn_9mnuF9_pm-9lopM7W8hswj1dFn8uTeDUNyFo52npIF27fzHzKyyPQlmqtJU
.doubleclick.net/	1970-01-20 12:02:15	Name: test_cookie Value: CheckForPermission
.tinhte.vn/	1970-01-20 21:23:51	Name: __gads Value: ID=64de3446d7054dc6:T=1684935018:S=ALNI_MbfR18qud1ZdP8lfCg4wfh6mJDksg
.tinhte.vn/	1970-01-20 21:23:51	Name: __gpi Value: UID=00000c33ae24e157:T=1684935018:RT=1684935018:S=ALNI_MYz_J5V3W-f1QbLnZ8JpelckDcMCQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/cb=gapi.loaded_0?le=scs(Line 407) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

785a82602631a5cdd1334b8a1d168469.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
connect.facebook.net
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tinhte.vn
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
125.212.247.8
2001:4860:4802:32::36
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200d
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0aaff843d07f3d074dd6dc797a05226cccff351ee6ce849b316070b54a6e8701
0cdd51d758c24dd4609ea9a59fcd5d5b4f4ac3470fb4fb0f165cc659f167cfec
0edf333f58b6eb48c1187af6e38afb1a762b8e858757e8c26643ecb0b2068e0f
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d093159756c9c2270cef89318f1e0f77e97ebd48e38156df4c28bbc2aa91e5
32f3c5cc597b51f7245fe050b91df877995574747d19e3bf0b08f3f999c76349
38a0cab40a9e38b9d9de8917056e09aaebae7f40ab8ad28b8fba99de8abec7f1
3dd183b281d3f2fe04a206f55e78914f5edb6da7dab09584d821a64998180ca3
4085a696936b5ec53fd22e2c44cefead8227802b0b3ce0f48f9ddba8d30d4e63
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4d3c63a3abb186a48ac52bfc3f1fbad81a8b6f1a9ae59a421a4c821b1871d13b
4e85bc98122717e398bc7a85587e79c0c4761e6eda4b9b48757936c284383ddf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ad2dda4ed3d0bb25b3a85296abf85865113585c9873460b24b9ec2c3a96df1d
601011cf2e653026a810c298d57b01536a51e0edccf07810c11675c7522eeb2a
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6468d8eae0646f81042b0fae4a527e49928c0ec8e2cc27ee0b7059e64c811f60
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
683de4b908bf5e289f918f7479b0fad1f8dc7e0f7a7221195446671de58a6e8e
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac
6d037e538a58d57577002b0cc2f54ec670a8fac3110f05ca760436030f186577
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
722050a67eb3739f2447b77be53381aef2915b6188cab9a485518f5c3388e0f3
72a16432c9b5501a7ded930d43ecc113abd3f58704b22f4fe7a5156f841d46e0
74d7769cba3b7e8b597892ce352e3130f38ba2056a74c7b944e262d64b89f1a8
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f050f74cb21b55f33af1953889cf7412b2c9dacf0f4a4e69b79acece29a8a5c
8a5a6a3550629fab40c305061f38ee37e8805f35635b67a4d7ce066f1687bb72
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
9180951f2607bef1f27ae9efb7dbfc1ae75394128eff4da38090ca67a60c955f
95ae65450ec3200ab5bf28c4a0afaa0828ce381e69b5bc751c79c76f06878acd
97b8570c5d15f9ed6c0c47a7aaa08440b8d47f04b398444a7957c1998f3953f9
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9e0f1700b1d1dcfe759e56eb0d0b5059000ead196eff285702dc59c757d493c4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a721e5bcec174ca1fb65ddcd5fce3fe7c73f62dbd1a28ab6376b282e70985f80
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca76e18451aef01eb2d1ffc4e9773d561def4b7fc9d31dcd08f09a7555d645e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b7fcae64a91e4fe18790234505d58c7c38222526b359f69035710c1942e33f83
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c7428f4465dd36da8014a7f90613f1ce73deeefd2cf31ee056c13f2a73137f43
c8866444fa94d600f25d84554edc9d6ed1aa0b2c4f232057040ceec743e4779c
c925de120c3e4e5360949cb3899d31179e23689428ff8f090cec31748668e0c7
d1904ce3bf0eec24efb6dc26d4a75882d2d781925309ec88b0136b1b02045476
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d4abe0ab3ebdcc83eccd33a616828aef540e3eb1392169c9cd97ea71ac6dff2e
d7115cf06d4df2dac1341740391401d708853a555b5b5bbfdf135491e9e58446
d7fa4d8d6241eac2c0a2a7ad98c59a0b51291800f549b8abec82c9ec697c4f7f
e2d979d698b778dea5b3d75dd5941f7e2ce26f34c46a3d72f76b3cacd48ecade
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
fafdfbb5c73d056bb8efaeee32abc44948da13359d9914484eccf971856063c3

tinhte.vn Open in urlscan Pro 125.212.247.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

99 %HTTPS

95 %IPv6

12 Domains

23 Subdomains

20 IPs

4 Countries

1305 kBTransfer

3685 kBSize

12 Cookies

24 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tinhte.vn Open in urlscan Pro
125.212.247.8 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

99 %
HTTPS

95 %
IPv6

12
Domains

23
Subdomains

20
IPs

4
Countries

1305 kB
Transfer

3685 kB
Size

12
Cookies

95 HTTP transactions
4 data transactions