tinhte.vn Open in urlscan Pro
125.212.247.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Submission: On March 16 via manual (March 16th 2022, 6:47:41 am UTC) from VN — Scanned from DE

Summary HTTP 493 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 81 IPs in 9 countries across 61 domains to perform 493 HTTP transactions. The main IP is 125.212.247.8, located in Ho Chi Minh City, Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is tinhte.vn. The Cisco Umbrella rank of the primary domain is 138396.
TLS certificate: Issued by R3 on March 7th 2022. Valid for: 3 months.

This is the only time tinhte.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
69	125.212.247.8 125.212.247.8	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2405:f980::1:10 2405:f980::1:10	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
15	2405:f980::1:13 2405:f980::1:13	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
34	125.212.247.214 125.212.247.214	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	2a02:26f0:fb:... 2a02:26f0:fb:5a3::7ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	123.31.39.137 123.31.39.137	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
1	123.30.177.116 123.30.177.116	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
21	123.30.151.88 123.30.151.88	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:400e:80d::2001	15169 (GOOGLE) (GOOGLE)
2	123.30.175.112 123.30.175.112	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
14	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.246.197.130 34.246.197.130	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
4 4	52.215.248.120 52.215.248.120	16509 (AMAZON-02) (AMAZON-02)
7 48	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	18.156.47.94 18.156.47.94	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
7 7	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	2a05:d01c:1d8... 2a05:d01c:1d8:8101:6a54:37cb:fd61:b021	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	123.30.242.13 123.30.242.13	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	123.30.151.76 123.30.151.76	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
4	142.250.179.130 142.250.179.130	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 4	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.90.104.248 104.90.104.248	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	123.30.175.51 123.30.175.51	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
6	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	146.59.70.99 146.59.70.99	16276 (OVH) (OVH)
3 3	3.67.115.82 3.67.115.82	16509 (AMAZON-02) (AMAZON-02)
5 6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
8	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 2	52.213.111.123 52.213.111.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:225... 2600:9000:225f:5e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	123.30.151.81 123.30.151.81	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
10	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
2 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2 2	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e051	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	123.30.168.3 123.30.168.3	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	123.30.175.43 123.30.175.43	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
6	34.237.61.1 34.237.61.1	14618 (AMAZON-AES) (AMAZON-AES)
3	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
10	52.30.107.253 52.30.107.253	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:224... 2600:9000:224a:4800:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
493	81

69 125.212.247.8 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

tinhte.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2405:f980::1:10 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

static.amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sspapi.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg.nanda.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2405:f980::1:13 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

media1.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 125.212.247.214 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
PTR: viettel4.vimobi.com

photo2.tinhte.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:5a3::7ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

js.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 123.31.39.137 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

imgproxy.k7.tinhte.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.177.116 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

cdn2.cache.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 123.30.151.88 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

lg1.logging.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:400e:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 123.30.175.112 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: coccoc.com

ssp.qc.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.197.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-197-130.eu-west-1.compute.amazonaws.com

secure-gg.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.248.120 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-248-120.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.47.94 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-47-94.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.92.72.137 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.78 (United Kingdom) 7 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d01c:1d8:8101:6a54:37cb:fd61:b021 (London, United Kingdom) 4 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 123.30.242.13 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

adi.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.151.76 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

adminplayer.sohatv.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.179.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s10-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.175.51 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: coccoc.com

qccoccocmedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.70.99 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3210071.ip-146-59-70.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.115.82 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-115-82.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.150 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.111.123 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225f:5e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.151.81 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

fgp.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 4 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.99.218 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e051 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.168.3 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

qc-static.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.175.43 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: coccoc.com

display.qc.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.237.61.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-61-1.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.30.107.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4800:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
106	tinhte.vn tinhte.vn — Cisco Umbrella Rank: 138396 photo2.tinhte.vn — Cisco Umbrella Rank: 241027 imgproxy.k7.tinhte.vn — Cisco Umbrella Rank: 280942	4 MB
79	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71352	317 KB
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com	475 KB
42	admicro.vn media1.admicro.vn — Cisco Umbrella Rank: 25501 lg1.logging.admicro.vn — Cisco Umbrella Rank: 21870 adi.admicro.vn — Cisco Umbrella Rank: 31297 sspapi.admicro.vn — Cisco Umbrella Rank: 32676	288 KB
23	criteo.net pix.eu.criteo.net — Cisco Umbrella Rank: 7328 static.criteo.net — Cisco Umbrella Rank: 600 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	54 KB
16	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 28803 hal900025.redintelligence.net — Cisco Umbrella Rank: 222939 hal900012.redintelligence.net — Cisco Umbrella Rank: 233627	118 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2174 ad4m.at — Cisco Umbrella Rank: 1742 assets.ad4m.at — Cisco Umbrella Rank: 32740	273 KB
13	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18655 api.webgains.io — Cisco Umbrella Rank: 47350	154 KB
13	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 660 static.adsafeprotected.com — Cisco Umbrella Rank: 500 dt.adsafeprotected.com — Cisco Umbrella Rank: 458	131 KB
10	webgains.com track.webgains.com — Cisco Umbrella Rank: 35662	103 KB
8	openx.net us-u.openx.net — Cisco Umbrella Rank: 323 rtb.openx.net — Cisco Umbrella Rank: 1359	1 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	277 KB
7	yahoo.com 5 redirects ads.yahoo.com — Cisco Umbrella Rank: 816 ups.analytics.yahoo.com — Cisco Umbrella Rank: 268	2 KB
7	pubmatic.com 7 redirects image6.pubmatic.com — Cisco Umbrella Rank: 571	3 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	72 KB
6	medialead.de 6 redirects pv.medialead.de — Cisco Umbrella Rank: 39406 medialead.de — Cisco Umbrella Rank: 38865	2 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 564 fonts.googleapis.com — Cisco Umbrella Rank: 35	36 KB
5	rubiconproject.com 5 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 289	2 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	472 KB
5	innovid.com 4 redirects ag.innovid.com — Cisco Umbrella Rank: 1391	2 KB
5	quantserve.com 4 redirects cms.quantserve.com — Cisco Umbrella Rank: 929	2 KB
5	criteo.com cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 ads.eu.criteo.com — Cisco Umbrella Rank: 7435	59 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 480	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1530	3 KB
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 565	1 KB
4	everesttech.net 4 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2828	1 KB
4	coccoc.com ssp.qc.coccoc.com — Cisco Umbrella Rank: 41583 qc-static.coccoc.com — Cisco Umbrella Rank: 32556 display.qc.coccoc.com — Cisco Umbrella Rank: 88328	67 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	516 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	150 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	195 KB
4	amcdn.vn static.amcdn.vn — Cisco Umbrella Rank: 28369 amcdn.vn — Cisco Umbrella Rank: 24921	16 KB
3	advertising.com 3 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 46354	775 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 48610	576 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	912 B
2	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 64653	624 B
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 202756	2 KB
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 39676	786 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 794	430 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678 static-de.ad4mat.net — Cisco Umbrella Rank: 128562	4 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7401	506 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 870	344 B
2	imrworldwide.com secure-gg.imrworldwide.com — Cisco Umbrella Rank: 2586 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1442	460 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 58770	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 51158	2 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1243	63 KB
1	philacct.com fgp.philacct.com — Cisco Umbrella Rank: 35991	197 B
1	nanda.vn lg.nanda.vn — Cisco Umbrella Rank: 34242	461 B
1	qccoccocmedia.vn qccoccocmedia.vn — Cisco Umbrella Rank: 35689	7 KB
1	sohatv.vn adminplayer.sohatv.vn — Cisco Umbrella Rank: 29297	10 KB
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 492	765 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	643 B
1	cache.vn cdn2.cache.vn — Cisco Umbrella Rank: 46205	13 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	24 KB
1	fout.jp js.rfp.fout.jp — Cisco Umbrella Rank: 41366	16 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	4 KB
493	61

	Domain	Requested by
69	tinhte.vn	tinhte.vn ajax.googleapis.com
48	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net tinhte.vn 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
35	pagead2.googlesyndication.com	tinhte.vn pagead2.googlesyndication.com googleads.g.doubleclick.net 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
34	photo2.tinhte.vn	tinhte.vn
28	tpc.googlesyndication.com	googleads.g.doubleclick.net tinhte.vn 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
21	lg1.logging.admicro.vn	tinhte.vn static.amcdn.vn media1.admicro.vn
15	media1.admicro.vn	tinhte.vn static.amcdn.vn media1.admicro.vn
14	pix.eu.criteo.net	googleads.g.doubleclick.net ads.eu.criteo.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com tinhte.vn
10	api.webgains.io	analytics.webgains.io
10	track.webgains.com	tinhte.vn 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com as.ad4m.at
8	hal9000.redintelligence.net	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com hal900025.redintelligence.net hal900012.redintelligence.net
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net tinhte.vn
8	www.googletagservices.com	tinhte.vn googleads.g.doubleclick.net 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
7	image6.pubmatic.com	7 redirects
7	www.google.com	tinhte.vn googleads.g.doubleclick.net 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	dt.adsafeprotected.com	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com tinhte.vn
6	ups.analytics.yahoo.com	5 redirects googleads.g.doubleclick.net
6	rtb.openx.net	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
5	pixel.rubiconproject.com	5 redirects
5	s0.2mdn.net	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com tinhte.vn s0.2mdn.net
5	ag.innovid.com	4 redirects googleads.g.doubleclick.net
5	cms.quantserve.com	4 redirects googleads.g.doubleclick.net
4	5994599.fls.doubleclick.net	2 redirects tinhte.vn
4	pv.medialead.de	4 redirects
4	static.adsafeprotected.com	fw.adsafeprotected.com 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	hal900012.redintelligence.net	1 redirects 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com hal900012.redintelligence.net
4	hal900025.redintelligence.net	1 redirects 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com hal900025.redintelligence.net
4	as.ad4m.at	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	tinhte.vn
4	adi.admicro.vn	media1.admicro.vn
4	e.dlx.addthis.com	4 redirects
4	id.rlcdn.com	2 redirects 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	pixel.everesttech.net	4 redirects
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	www.facebook.com	tinhte.vn
4	www.googletagmanager.com	www.gstatic.com www.googletagmanager.com adv.office-partner.de
4	connect.facebook.net	tinhte.vn connect.facebook.net
4	www.gstatic.com	tinhte.vn googleads.g.doubleclick.net
3	analytics.webgains.io	track.webgains.com
3	pixel.advertising.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net hal900025.redintelligence.net hal900012.redintelligence.net
3	www.google-analytics.com	tinhte.vn www.google-analytics.com www.googletagmanager.com
3	imgproxy.k7.tinhte.vn	tinhte.vn
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	match.adsrvr.org	2 redirects
2	ad-server.eu	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
2	medialead.de	2 redirects
2	adv.office-partner.de	hal900025.redintelligence.net hal900012.redintelligence.net
2	pb.media01.eu	hal900025.redintelligence.net hal900012.redintelligence.net
2	odr.mookie1.com	6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects tinhte.vn
2	googlecm.hit.gemius.pl	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	sspapi.admicro.vn	media1.admicro.vn
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	cat.fr.eu.criteo.com	googleads.g.doubleclick.net ads.eu.criteo.com
2	ssp.qc.coccoc.com	cdn2.cache.vn qccoccocmedia.vn
2	amcdn.vn	tinhte.vn
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	static.amcdn.vn	tinhte.vn lg1.logging.admicro.vn
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	display.qc.coccoc.com	qccoccocmedia.vn
1	qc-static.coccoc.com	qccoccocmedia.vn
1	code.createjs.com	s0.2mdn.net
1	static-de.ad4mat.net	as.ad4m.at
1	fgp.philacct.com	tinhte.vn
1	prod-rtb.ad4mat.net	tinhte.vn
1	lg.nanda.vn	tinhte.vn
1	qccoccocmedia.vn	cdn2.cache.vn
1	ads.yahoo.com	googleads.g.doubleclick.net
1	adminplayer.sohatv.vn	media1.admicro.vn
1	d.agkn.com	1 redirects
1	secure-gg.imrworldwide.com	googleads.g.doubleclick.net
1	www.google.de	tinhte.vn
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn2.cache.vn	tinhte.vn
1	i.ytimg.com	tinhte.vn
1	js.rfp.fout.jp	tinhte.vn
1	ajax.googleapis.com	tinhte.vn
1	cdnjs.cloudflare.com	tinhte.vn
493	97

This site contains links to these domains. Also see Links.

Domain
twitter.com
wingiare.com
www.theverge.com
www.youtube.com
feeds.feedburner.com
nhattao.com
khacten.com
chimua.vn
www.1tudien.com
www.nhaccuatui.com
www.5giay.vn
www.webtretho.com
bkvn.com
www.facebook.com
www.flickr.com
plus.google.com

Subject Issuer	Validity	Valid
tinhte.vn R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.amcdn.vn Sectigo RSA Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
*.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2021-11-25` - `2022-11-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.rfp.fout.jp DigiCert SHA2 Secure Server CA	`2021-06-20` - `2022-06-29`	a year	crt.sh
imgproxy.k7.tinhte.vn R3	`2022-02-19` - `2022-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-23` - `2022-03-23`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn2.cache.vn AlphaSSL CA - SHA256 - G2	`2021-06-09` - `2022-07-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.logging.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-06-30`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.qc.coccoc.com AlphaSSL CA - SHA256 - G2	`2021-06-09` - `2022-07-11`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.sohatv.vn Sectigo RSA Domain Validation Secure Server CA	`2021-10-29` - `2022-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-07` - `2022-03-30`	2 months	crt.sh
qccoccocmedia.vn AlphaSSL CA - SHA256 - G2	`2021-06-09` - `2022-07-11`	a year	crt.sh
*.nanda.vn Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-03`	2 years	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-02-19` - `2022-05-20`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.philacct.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-10-24`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
qc-static.coccoc.com AlphaSSL CA - SHA256 - G2	`2022-03-09` - `2023-04-10`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh

This page contains 46 frames:

Primary Page: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Frame ID: 100C7921B41EF4CD3B09A9BF25737D70
Requests: 200 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Frame ID: 270486129CB8C9BEDBA01F44A4104E12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&adk=1812271804&adf=3025194257&lmt=1647413248&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413247804&bpp=2&bdt=877&idt=216&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7002574165498&frm=20&pv=2&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: BB61EF52084ACBA534F615E8AE2B3D0E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 01284A885A5F534B3E4D6D5919E4A1CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589
Frame ID: D7B07EC80D80EB8008A87CA452B241A4
Requests: 20 HTTP requests in this frame

Frame: https://lg1.logging.admicro.vn/_tracking1.gif?dg=774e265a7903b2f677dad103aacd5a10&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=tinhte.vn&p=%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&r=&cat=&g=0&i=s%3B1647413248338%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B774e265a7903b2f677dad103aacd5a10%3B774e265a7903b2f677dad103aacd5a10%3BGA1.1.1323063238.1647413248%3B-1647413246176%3B10%3B371%3B365%3B369%3B0%3B1617%3B-1647413246176&rdm=0.9484220904851746&ce=1&lc=&cr=&ui=
Frame ID: B20C8AEF5A950A33265D85C62DFB7C78
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 482864AE11D51BCD776D2701CF2FE750
Requests: 9 HTTP requests in this frame

Frame: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 076DF946D2DD3A021D1885B3A36AA3BC
Requests: 1 HTTP requests in this frame

Frame: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4F41F34929E008AC410340FBDBBC02AB
Requests: 14 HTTP requests in this frame

Frame: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 89DBE67F8310C740F32CCC9E97961F60
Requests: 19 HTTP requests in this frame

Frame: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 051C69E00EAA5F005700FCFD43D81295
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjjs9vEATAB&v=APEucNXiFr2dTwI4iiT-eCjaMm69o2MaBSSvvjMl8S781vrcXIcmDOTwnZAgj7zGwvhbVje354d53rUQmLPuSLO3O71SHYwwg0Mxa7GMm__1MW4rAXH35QgrKSQeEoHSQCAjRIYtJ5sDNxdUUMI8sRETTXbGoyNiQFyYXrsMsO_TGOGao_Yw3Js
Frame ID: 0035B124BA4ED666BDC0B497DE92FB06
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc4Sa1s4W2WxtLvolh6xtWsI6eXxy7_Wykh-EVJN1rggCn8oha2d1LseYtebQ1Nn3aBJd153fWpvTz9I0ML1qF_thMXZ8cm5UoJ03ek0HqnaxArXleQyvsMsyLuS_glUh6iebwNM4sED9MDIjWmGQb1qbemfnmamhfwuUtP78-OjlS0Rs
Frame ID: B079B633DCC1B74F5E05A530DD553B98
Requests: 5 HTTP requests in this frame

Frame: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 05DEDFB368E087C9B283DB858D64741B
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVJQVSiZEudgwARTOR-2wBtHnNpZp_SpAgeCIWVQnlKkelIaBD5XuYC9WzisraUmntByhlNqcoKfXozdPpVecE52wNnUCpVHVwq1-xxZs9S8mkQ5F7MJEBbepjMG5XFoNQo6fosDSS6mwstEVrs_Xr91xfptX5cpso9VxMkzoSKZnXiVqI
Frame ID: EB3CD84DE03C9AD4E691B37F41AF08C3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2090049AD68006583F69D4E943D5BD5B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B241FB27A2608E952DDE51C1102E7B1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYtqjQwQEwAQ&v=APEucNXX_bgei_n23eAr7733oJX7cNTl4HbQBE78sUqE3B0o6IM8OURtLYYX-D-YTSnFx_XeQV00LdEOAj-Umw48BFE5ljKfHczZtvCmT6eTaGn-hZYbdBpF1nSbbEDQgO1f72J8f4vdv7jhvEk9zfqm2IaqAs-GpuBF9U6C6EBc_iEaHA6uMsc
Frame ID: 49E09C232591C3EF2B27F7238A078B77
Requests: 4 HTTP requests in this frame

Frame: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 98C66120F6AC751AF5BFC737D0C9BAB0
Requests: 9 HTTP requests in this frame

Frame: https://qccoccocmedia.vn/get_adm?id=1cf562a1-1da8-49f7-af15-3c25938ba3d7&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Frame ID: CA7E0C18DAA41198CF3FB3580A82E6B8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 47A35FBD5E717DE9A2F92A1ADEFCA36A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 79CFACC993B2F65811F6F0FCE1320B89
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1km6rgykhkz0a6fy8tr7zj6na2h9fv7h58xb7krkazxtenpdewmx516vwabmv3e8hjm57f2dwbmebmwqfs98n8k3vj1fbe8nwdfged0stnw11sgpnbj6gtdvfda9vg2z89nj53f7vw2vxc3wqtmym5pmp36s2js1953yap94d3tax9s7rx2bg54j7ra9jw3ahnjzpk2k12gj1kte7hm2zpbjetxndxhf6n5qjqfpww908st6616zg35ay55mh8vhx27q6dcrqhzpg3w3454bv1ktch4ehzmdv6rgn7ffk89a145qbn1638h7kz3b5ap9e1wj7j63kcags97tjz6n7wypa3bb58svgzr2tdm9hyjrg706k52sed30b3peyvr57vcr70wznfwvq0p5bgx4b5pmjax62pq9d7x9x5g680sfjht8vdd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%26client%3Dca-pub-4328742155432872%26adurl%3D
Frame ID: FC692008741DD9A695B8CA046826907F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80537BF556A22C5D02EECEC8FF16C3CC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06DA0BAC5BC5B429415810A498A2F448
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7660565476681256380/index.html
Frame ID: 1B0F7A6F8B736DCB0DF6A129CFCE4AC4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB2EBEE28ABDB065081AA0198F168C23
Requests: 3 HTTP requests in this frame

Frame: https://fgp.philacct.com/genuuidpc
Frame ID: 643C1C7780E33DEA1CCF6CFB09C075BF
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71770400030503500710612011900025&actionid=981741&produktid=&dt_url=
Frame ID: B97E373AF17C094BC9E8F768F863894D
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E13720050850DFAA6ED36F7784944567
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683
Frame ID: 58A791C51DFC139C4B15080974DF2B37
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
Frame ID: DC0A2D05FDA9E27736EE6B25F6D6F44E
Requests: 6 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72482400022588400710612011900012&actionid=981741&produktid=&dt_url=
Frame ID: D7496057B93D0E4E6325D1B4A023BE66
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FBCC0D21FF6A4FE7117D4DAAD6015D5C
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531
Frame ID: 58BFBDFED7AA2EA18DB5D1C8850BC5E2
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
Frame ID: 9560C9169C4A3C14CDAB281C8B230925
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7E8AF6888550AFD2D0413E48B5929A62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F69615510EB2A2BF310947A2DA562050
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B6EAEF457C00791A8E5A26CD5B6B370C
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E9D97B62B64AE82F40FF17A181D2B3B2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Frame ID: 7F5E9B3468B87AC756C9AE75043D8E85
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12
Frame ID: F8DD0F4B8CF0B1F995B942EB14F00610
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGIBQAMfAcK7fBMAADLJ7oaGKC8wQr979AXkQ&u=%7C4lDBT3cx1%2Bcv%2FduExhR%2B2VH1k1RzeSHraY0xIY36mcQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4EqircJuk9zwvv9cN56hfNNLyJ4OIQvhsr4rJOtEtHm3eWXUgda5Mdu9P8oYG2TkEpEiZaGuwADaUwzSRcLuKAb9RM2VA0EIJHMkR2fVWl7LB_gJKqa8WklVQ3gYd2zT6osM0bX4spBRHYnzqhmpO_PFND3jiMfE6Q4b6NUe7QXyueBwAxNBK2NOjzi2rF4sms9vSduX7KS4rsJQbh2iAZq_7D6n-M4gmLn2y8Uh7wr1kJmYsecVA0syxxBKyOyzXXjrmzpSuYxNCuOC8azfjTumZGj4WGa5YHrTKYwTOF-nZ4GCagQ-zbbdrTwNUShkqUrkloZKkHrCEEgF6YPviVXQJWByk2qpqk-m39DEIr-XDUCccsX8rtLEoLKHhOlZ8j_bxMgI5-b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzKrGBYgxYof4MczgtwenloP4CMme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEhwJP0ObqbxDh__Twjs2Epsn5mnjWNL_Q5QGLxY6IBivrTsDKlAOyP23S90bUShamSC3JM7_jzUul2E1tMPqFuxbhA2rBlre5yD6mYJhZILl4MHCyNCTYafYKNLK0eUQQpoe1u0CiuxdMQss9z0b01b3dDVwmFzSwZlH6uvlAU9f_QvLE3LG1X-eDf2JoE16DIcWKpzj0wIChPIGUuJGyVwQjou4CzOq4gXAjptYR2WSo9vqSexq9jYbVUP3dB3bi_-Y-yiiB3ArR4MtroRiA16s3GAiay7T6kFI6MECyL-CXVlfZvX-QaJo8I1qQCqDFdDbWySS80dZQ6cPnHf3ykJTy6VOd-RkiyIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JRbDbzDSg0wbRTPhFADXZiUhpmg%26client%3Dca-pub-4328742155432872%26adurl%3D
Frame ID: CC79F706EA1BD8660894DD295A36FF78
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C0E40372F3591C1A64629AD233FF7C0B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBBA61A875A7E7B14E6FD2A5DC818B5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02D03515DF3C958D8AEFAEB391FECE23
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft lại quảng cáo trong File Explorer, anh em có khó chịu?

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

493
Requests

89 %
HTTPS

43 %
IPv6

61
Domains

97
Subdomains

81
IPs

9
Countries

7540 kB
Transfer

15523 kB
Size

77
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/flobo09/status/1502645866204704773/photo/1
Title: Một người dùng Twitter

Search URL Search Domain Scan URL

URL: https://wingiare.com/key-windows-11-gia-re
Title: https://wingiare.com/key-windows-11-gia-re

Search URL Search Domain Scan URL

URL: https://www.theverge.com/2022/3/15/22979251/microsoft-file-explorer-ads-windows-11-testing
Title: https://www.theverge.com/2022/3/15/22979251/microsoft-file-explorer-ads-windows-11-testing

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tinhtevideo/
Title: Video

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/tinhte/
Title: Tinh tế RSS

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/dien-thoai.543/
Title: Mua bán điện thoại

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/may-tinh.553/
Title: Mua bán máy tính

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/may-tinh-bang.548/
Title: Mua bán máy tính bảng

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/camera.556/
Title: Mua bán camera

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/dong-ho-thong-minh.585/
Title: Mua bán đồng hồ thông minh

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/xe.532/
Title: Mua bán xe

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/dien-may.602/
Title: Mua bán điện máy

Search URL Search Domain Scan URL

URL: https://nhattao.com/f/sim-dien-thoai.533/
Title: Mua bán sim, sim 3G

Search URL Search Domain Scan URL

URL: https://khacten.com/
Title: Khắc tên

Search URL Search Domain Scan URL

URL: https://chimua.vn/
Title: ChiMua.vn

Search URL Search Domain Scan URL

URL: http://www.1tudien.com/
Title: 1Tudien

Search URL Search Domain Scan URL

URL: https://www.nhaccuatui.com/
Title: NhacCuaTui

Search URL Search Domain Scan URL

URL: https://www.5giay.vn/
Title: 5Giay

Search URL Search Domain Scan URL

URL: https://www.webtretho.com/
Title: Webtretho

Search URL Search Domain Scan URL

URL: https://bkvn.com/
Title: Biker Vietnam

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tinhte/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/tinhtephoto/
Title: Flickr

Search URL Search Domain Scan URL

URL: https://twitter.com/tinhtefan/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/+tinhte/
Title: Google+

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 186

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIJDGJZDtKsP-fG-SJpdXgHLx1QP-Py5Nb0nr6khhwAiptrmyQzVijhLu7sqDsLAn14bLsr2SFhXKmCw53maJ-4kA12iYc&google_gid=CAESEM8sUfVc76cmClGZyQV3NVE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUF3QUFBSldqS1R4Qg&google_push=AYg5qPIJDGJZDtKsP-fG-SJpdXgHLx1QP-Py5Nb0nr6khhwAiptrmyQzVijhLu7sqDsLAn14bLsr2SFhXKmCw53maJ-4kA12iYc

Request Chain 187

https://d.agkn.com/pixel/2175/?google_gid=CAESEEWSzjKyyxjnOApe6CZYuVk&google_cver=1&google_push=AYg5qPIYEuWVEGMrY7ATynOTivVN4nxITiagggLQg8RHgAnQIzwBiT1BjQcuscj_B5zPM1AwcrCnbG60bN96axeKxjL9Bma3U-XG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIYEuWVEGMrY7ATynOTivVN4nxITiagggLQg8RHgAnQIzwBiT1BjQcuscj_B5zPM1AwcrCnbG60bN96axeKxjL9Bma3U-XG&google_hm=Q0FFU0VFV1N6akt5eXhqbk9BcGU2Q1pZdVZr

Request Chain 188

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL_9qpku42tk_9omZ2I1jXyfgdx232L5Yhm4TXz0JB70svSSxt4E-cHHplAh9mBg5PAkdrpKtw1wQRm9DeBmC91t-y8TCt_&google_gid=CAESEOP-Mfm8mFbX6dJNXhfGgrQ&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIOQxpEGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMXzlxcGt1NDJ0a185b21aMkkxalh5ZmdkeDIzMkw1WWhtNFRYejBKQjcwc3ZTU3h0NEUtY0hIcGxBaDltQmc1UEFrZHJwS3R3MXdRUm05RGVCbUM5MXQteThUQ3Rf HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT08wWkZOSl95YjVLQWs2SHl1M1d4YkFkb3Bnb1lwZzJldWc3WmJyeEhPbw==&google_push

Request Chain 189

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLzr_-i-OGuxoUe4xW6K5k1mKZp5JLQk3YPJoJZhMp_H44XoN-nps-UzTQQ-hlQogSk0xheapvqB8zNZvj_cVdrOH18uost&google_gid=CAESEB9GuSO4AUkv0S3SSLSffr4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLzr_-i-OGuxoUe4xW6K5k1mKZp5JLQk3YPJoJZhMp_H44XoN-nps-UzTQQ-hlQogSk0xheapvqB8zNZvj_cVdrOH18uost&google_gid=CAESEB9GuSO4AUkv0S3SSLSffr4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPLzr_-i-OGuxoUe4xW6K5k1mKZp5JLQk3YPJoJZhMp_H44XoN-nps-UzTQQ-hlQogSk0xheapvqB8zNZvj_cVdrOH18uost

Request Chain 190

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPJ1zNLPlnVBQFq6RdVkhlu3dnLU2GJtpA2gALpMPxTXFWlFnk84aE1h-aCo4AVfOIV57aFg4YZSA4t_mina1VE6eOI9HLY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPJ1zNLPlnVBQFq6RdVkhlu3dnLU2GJtpA2gALpMPxTXFWlFnk84aE1h-aCo4AVfOIV57aFg4YZSA4t_mina1VE6eOI9HLY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ1zNLPlnVBQFq6RdVkhlu3dnLU2GJtpA2gALpMPxTXFWlFnk84aE1h-aCo4AVfOIV57aFg4YZSA4t_mina1VE6eOI9HLY

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1

Request Chain 244

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjGIAwatHlVODEZs3tnuaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOjtuT5HACF2t4v8wHfNUAk&google_cver=1

Request Chain 246

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwOTEyNTY1NjMxNDY3OTk0Ng%3D%3D

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaBWx6xiIcrvXIILh1qru8&google_cver=1

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOLVCF8-YJrNGnjuzbRLnHo&google_cver=1

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIo5pqTF6qFABZT8nK8xNKo&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIo5pqTF6qFABZT8nK8xNKo&google_cver=1&__user_check__=1&sync_id=f45f66bd-a4f4-11ec-8161-10ffbde80306

Request Chain 265

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=f45e6c52-a4f4-11ec-8302-1974e5cf0506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjQ1ZjY2N2MtYTRmNC0xMWVjLTgxNjEtMTBmZmJkZTgwMzA2

Request Chain 275

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPK8QCSPTXhsi8gaB6gRaoJIH-GuAbZCiaXcSa7Awy6HWT45lWlL-WbFc8fOJlVrhn_JQ2mPqawxhXLcqm730lC1DsUSPgSU HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPK8QCSPTXhsi8gaB6gRaoJIH-GuAbZCiaXcSa7Awy6HWT45lWlL-WbFc8fOJlVrhn_JQ2mPqawxhXLcqm730lC1DsUSPgSU&google_hm=sPSXW8dUTcOfp6QejnxeRw

Request Chain 276

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIsxqsD46H2H5ds_LzpxzFBXPhyVaXqDyWAQN2Q186Ttn948uQ9lKKYl03QpwLS_qoerPSlZrh5Rr9CBPQ0vx1jjez5DgaY&google_gid=CAESEM8sUfVc76cmClGZyQV3NVE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBUkF1TjFTMQ&google_push=AYg5qPIsxqsD46H2H5ds_LzpxzFBXPhyVaXqDyWAQN2Q186Ttn948uQ9lKKYl03QpwLS_qoerPSlZrh5Rr9CBPQ0vx1jjez5DgaY

Request Chain 278

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPJeDWnqrq7RPa0z95q7f0jBV8rirpe3ePjSxl2sQ_cEJcGiR9ucf9JjmDw9itUrCzd8nFlnWsIMkXm91wuuxGHq61B1mDb_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJeDWnqrq7RPa0z95q7f0jBV8rirpe3ePjSxl2sQ_cEJcGiR9ucf9JjmDw9itUrCzd8nFlnWsIMkXm91wuuxGHq61B1mDb_

Request Chain 279

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPJc59zXzJGyGXq0Erz8vDTM41qDPf5sguR1EYcTSPgSXo6YJKwLnpM1kjcubkvkuvg0sXdPTwYFjjjZYLacPEkHo4BMlQd2oA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDTVctMU4tOFk5VA==&google_push=AYg5qPJc59zXzJGyGXq0Erz8vDTM41qDPf5sguR1EYcTSPgSXo6YJKwLnpM1kjcubkvkuvg0sXdPTwYFjjjZYLacPEkHo4BMlQd2oA

Request Chain 280

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPJmfOa2nQWkFCKBiM7levVblT9SFglL52Oab0nLdhPtoLNS5dbbTSNZt0LbstaI00cb4-c_UYH1h9J2zkUGbrQT_Xkccm3TEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJmfOa2nQWkFCKBiM7levVblT9SFglL52Oab0nLdhPtoLNS5dbbTSNZt0LbstaI00cb4-c_UYH1h9J2zkUGbrQT_Xkccm3TEw&google_hm=XSh_YfA4RGmvPveLSidiLw

Request Chain 281

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFUNaRYKxQVS-MzB3uOqMJY&google_cver=1&google_push=AYg5qPL1W6AQ_zA5cmdNWLohg-ggLIZ8p01q6mHUqtQhJVZWVP2NIsumgVco8_apWVadgYJVsIa-i7YVWQCX7qOY3nOsYYjihoCAwWc HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1W6AQ_zA5cmdNWLohg-ggLIZ8p01q6mHUqtQhJVZWVP2NIsumgVco8_apWVadgYJVsIa-i7YVWQCX7qOY3nOsYYjihoCAwWc&google_hm=

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a&verify=true

Request Chain 284

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBmNDVkOGU1Ni1hNGY0LTExZWMtOTNhZi0wMjFmMDFlOWJjNWE%3D

Request Chain 285

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1saEwxWW14RTJ1RmJDUzFqaVdESmp2aEk1UnoxMEIyeH5B

Request Chain 305

https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 306

https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 315

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPIs9yWfNdboK2Ho2hQOjsl8hnb2sv3fb_9BIP3-SR1ai3YMzpoWb9N_mwaxlDu3BQz9yhqN2MbcTXk3Bpqa7XjZ1DW64Gg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIs9yWfNdboK2Ho2hQOjsl8hnb2sv3fb_9BIP3-SR1ai3YMzpoWb9N_mwaxlDu3BQz9yhqN2MbcTXk3Bpqa7XjZ1DW64Gg&google_hm=sPSXW8dUTcOfp6QejnxeRw

Request Chain 316

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIWwzQTqVp8efn8uiv_XSeJ1yk-MpkP4yb37j4P0TM7ho-gYjcXSRQimEEjPdwEcKVKB5aFYy7OwXfP0KrC1Wfzv96U5phs&google_gid=CAESEM8sUfVc76cmClGZyQV3NVE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVEM2dHdPMA&google_push=AYg5qPIWwzQTqVp8efn8uiv_XSeJ1yk-MpkP4yb37j4P0TM7ho-gYjcXSRQimEEjPdwEcKVKB5aFYy7OwXfP0KrC1Wfzv96U5phs

Request Chain 318

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPKTbCKIQcXO7d0hjN9sYrNDOtYyAC6pN6RObPDMnscd-OYLJCghv7K2w1j9oURcxM_yca4nPtxCE5xNbqBP72eebhPiPLgY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKTbCKIQcXO7d0hjN9sYrNDOtYyAC6pN6RObPDMnscd-OYLJCghv7K2w1j9oURcxM_yca4nPtxCE5xNbqBP72eebhPiPLgY

Request Chain 319

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPI-D-CzTM7EEDeuAmqbw6w5_A21hwbEde2TdmUrYbA5WVvEYgduoz_EdFTxJ6ypBXbmjQcIjR8W3umGaSrZskUtpqlfYc-6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDVjQtMTgtRlFROQ==&google_push=AYg5qPI-D-CzTM7EEDeuAmqbw6w5_A21hwbEde2TdmUrYbA5WVvEYgduoz_EdFTxJ6ypBXbmjQcIjR8W3umGaSrZskUtpqlfYc-6

Request Chain 320

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_

Request Chain 321

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPIEkNcoazX3LlZyR2w4eKBLTKWznhqH5L229Gh1kh3FJSfqOetGrQpX4ZoN9yuefkTy3h_3RpgFhgz8wyxRaFgnPXAkNQY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIEkNcoazX3LlZyR2w4eKBLTKWznhqH5L229Gh1kh3FJSfqOetGrQpX4ZoN9yuefkTy3h_3RpgFhgz8wyxRaFgnPXAkNQY&google_hm=XSh_YfA4RGmvPveLSidiLw

Request Chain 329

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLDW4yk-K32AP_gV2mq0mSA0QQe6nWLkxk9-UFD7qjNM3KHNoZ98VnzoF_zOebgjY8VPcgNkN8U2i0tVuGnnJPhwHzIcQFV5Q&google_gid=CAESEM8sUfVc76cmClGZyQV3NVE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVVZ5bFh6dw&google_push=AYg5qPLDW4yk-K32AP_gV2mq0mSA0QQe6nWLkxk9-UFD7qjNM3KHNoZ98VnzoF_zOebgjY8VPcgNkN8U2i0tVuGnnJPhwHzIcQFV5Q

Request Chain 332

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPKvfaw0xyh0Rdwetclu1TDE0bXxb0q9FFqswkuL13oDBIPRDkCD3In6FU7HxDubvO2GbiT0vfbpFZDlqVFIkfSxCZTdCqFSEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDWUgtSS1IM0Y4&google_push=AYg5qPKvfaw0xyh0Rdwetclu1TDE0bXxb0q9FFqswkuL13oDBIPRDkCD3In6FU7HxDubvO2GbiT0vfbpFZDlqVFIkfSxCZTdCqFSEA

Request Chain 333

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1

Request Chain 334

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPLnHnBY-fAe0RPkSRYEnRFqEdGu97nB9l7IxmNl_f3ePTKZg0Y1_K-av6OgdkZ1nqemeLfHn5hXR2Aa0rECZrmUrlH6wh_XIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLnHnBY-fAe0RPkSRYEnRFqEdGu97nB9l7IxmNl_f3ePTKZg0Y1_K-av6OgdkZ1nqemeLfHn5hXR2Aa0rECZrmUrlH6wh_XIA&google_hm=XSh_YfA4RGmvPveLSidiLw

Request Chain 335

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFUNaRYKxQVS-MzB3uOqMJY&google_cver=1&google_push=AYg5qPLugNPYyOJ-TO-GWWrso7r3CdVB4b8KI_v_iNdMuUWb8hXLE_EUMyEIVECHfSupGN-l8VQLDNLXs2sGL650QAacwDBdHjR_OBg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLugNPYyOJ-TO-GWWrso7r3CdVB4b8KI_v_iNdMuUWb8hXLE_EUMyEIVECHfSupGN-l8VQLDNLXs2sGL650QAacwDBdHjR_OBg&google_hm=

Request Chain 341

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=71770400030503500710612011900025&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71770400030503500710612011900025&actionid=981741&produktid=&dt_url=

Request Chain 345

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683

Request Chain 347

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71770400030503500710612011900025 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71770400030503500710612011900025 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 348

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=72482400022588400710612011900012&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72482400022588400710612011900012&actionid=981741&produktid=&dt_url=

Request Chain 352

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531

Request Chain 354

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72482400022588400710612011900012 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72482400022588400710612011900012 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 358

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adqjgml&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adqjgml&ttd_tpi=1 HTTP 302
https://lg1.logging.admicro.vn/mapid?src=admttd&uid=674df52f-73e4-45b2-9905-bfb64b7ee98d

Request Chain 370

https://fw.adsafeprotected.com/rfw/st/949432/60827839/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-4328742155432872&ias_chanId=1&ias_placementId=16184950690&bidurl=https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ing9p_oOXvAwlgOsYenjsA&adsafe_url=https%3A%2F%2Ftinhte.vn%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:4b00390f-7086-fac9-28a0-5e3b9da871d4,c:70luOd,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cfdcd9f87-lxn2k,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:734,fm:t0dY7o0+11%7C12%7C13%7C141%7C15%7C16%7C171%7C1721%7C173%7C181%7C1821%7C183%7C184%7C185%7C186%7C187%7C191%7C1921%7C193%7C194%7C195%7C196%7C197%7C1a*.949432-60827839%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b2%7C1c1%7C1d%7C1e%7C1f,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:765,oid:f46ca95e-a4f4-11ec-920b-765d0af32fb5,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_300x600.js

Request Chain 392

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPI4MdwywQm9vpxk7cm5fVO8SNPWOYqZ5FkeTyFcXZcrV8o85JZbLI91W2f3N8Kaw19sG5wT0OFtaQDU_kez0hhZz94vduT8 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4MdwywQm9vpxk7cm5fVO8SNPWOYqZ5FkeTyFcXZcrV8o85JZbLI91W2f3N8Kaw19sG5wT0OFtaQDU_kez0hhZz94vduT8&google_hm=sPSXW8dUTcOfp6QejnxeRw

Request Chain 393

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI38x-x6BPbkCDqIxHLVpQ9z6He_x8uVjTn7Mk8dfS0P0ZRTK-F0tpjOp4l2zUkzkRtQITFMpG3zw7Y3KF694fAHFK41-gD&google_gid=CAESEB9GuSO4AUkv0S3SSLSffr4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPI38x-x6BPbkCDqIxHLVpQ9z6He_x8uVjTn7Mk8dfS0P0ZRTK-F0tpjOp4l2zUkzkRtQITFMpG3zw7Y3KF694fAHFK41-gD

Request Chain 395

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPITacn5zjMZtNpONjiW1C5ZZrmpveK1jx84L4yGC-IgxeXuNuHgr-sk30PK8h3sEWmaVVkG2koEUTout0Vix08e176y1_wE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITacn5zjMZtNpONjiW1C5ZZrmpveK1jx84L4yGC-IgxeXuNuHgr-sk30PK8h3sEWmaVVkG2koEUTout0Vix08e176y1_wE

Request Chain 396

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPIrd6LOxzNaKt8ETo-1OPRKQYD9Xd-LLmXUprrUFGOPEReJ7bn_rQdZiBgbZcCZYkgvtEpXfsRxmdoI36oTo5HjJfWGZg9p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JET0MtVi1GVlc3&google_push=AYg5qPIrd6LOxzNaKt8ETo-1OPRKQYD9Xd-LLmXUprrUFGOPEReJ7bn_rQdZiBgbZcCZYkgvtEpXfsRxmdoI36oTo5HjJfWGZg9p

Request Chain 397

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ

Request Chain 398

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPJBCJP7yA0EwjfG3YndakQa8LWByi-Wtt4gOkNER1xGm52l5cl6ym7fpMYpvLgO2MifitZec68n2SVm2nUhz1SgPz4W4Wg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJBCJP7yA0EwjfG3YndakQa8LWByi-Wtt4gOkNER1xGm52l5cl6ym7fpMYpvLgO2MifitZec68n2SVm2nUhz1SgPz4W4Wg&google_hm=XSh_YfA4RGmvPveLSidiLw

Request Chain 407

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPI4y6KNXZLfmQh9Hfh0uuGjXUz0NAgZ80-vOMPzeQlbkx6qH6-IWXBTOhs9bbTzWqMOy9QGSVnuq6f9u-zN2p7O1MZyAFo HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4y6KNXZLfmQh9Hfh0uuGjXUz0NAgZ80-vOMPzeQlbkx6qH6-IWXBTOhs9bbTzWqMOy9QGSVnuq6f9u-zN2p7O1MZyAFo&google_hm=sPSXW8dUTcOfp6QejnxeRw

Request Chain 409

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKUgom3B2nwM7y6-TW2aHviAUyKjrNH3lRPbhK9QLTbwaRer6BhKObTfd-zTh4rGZyQ6JEDa4adFcQ5n9u2ttiT4OjqHis&google_gid=CAESEB9GuSO4AUkv0S3SSLSffr4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPKUgom3B2nwM7y6-TW2aHviAUyKjrNH3lRPbhK9QLTbwaRer6BhKObTfd-zTh4rGZyQ6JEDa4adFcQ5n9u2ttiT4OjqHis

Request Chain 411

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPLixTHFJh3syr-dXe5bm8xQsIJm6rb3gQprhD6kReCYlB4K7BqGt9b1gPo1c-O-FvzLt-fq25bD5syLgM4NmYEfe9Zjv9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLixTHFJh3syr-dXe5bm8xQsIJm6rb3gQprhD6kReCYlB4K7BqGt9b1gPo1c-O-FvzLt-fq25bD5syLgM4NmYEfe9Zjv9M

Request Chain 412

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPK6QsYb7IFULPnDX-RW2JV_12W8A1uIoO1qwIbRaSmbIPGBm16Top7lwxvAMXQ25Mg8TjUjERTP6_vX7Xt05uIwO_VtioA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JEUEctUi1EWFpa&google_push=AYg5qPK6QsYb7IFULPnDX-RW2JV_12W8A1uIoO1qwIbRaSmbIPGBm16Top7lwxvAMXQ25Mg8TjUjERTP6_vX7Xt05uIwO_VtioA

Request Chain 413

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1

Request Chain 431

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211

Request Chain 434

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022031607473365697728793X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush

Request Chain 464

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMluCw-TC4ZWabhMCNiFL5Y&google_cver=1&google_push=AYg5qPKU_96eIhx1GtigGNyE3JHvZmZSA1IaO3qsguWqfuSxI6aFye_9GuacspulkH79K7GpvbaOvLaOVvG-ZoVwutuVE0mMbdY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKU_96eIhx1GtigGNyE3JHvZmZSA1IaO3qsguWqfuSxI6aFye_9GuacspulkH79K7GpvbaOvLaOVvG-ZoVwutuVE0mMbdY

493 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/ 881 KB
113 KB 748ms
365ms Document
text/html 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Next.js
Resource Hash: 894179a40fe5bfcaa822c7ed86c2b140b528c9d4f7f0059669b34111ead36ba1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Wed, 16 Mar 2022 06:47:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
x-powered-by: Next.js
etag: "dc381-jOQ4368iQgtM6WZXTFSnVCTQGdk"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=60
x-app-server: nginx-thread-64fc5c79cc-jhlhj
x-app-cache: EXPIRED

GET
H/1.1 200
OK tinhteTheme-v8.11.5.js Show response
tinhte.vn/static/js/ 5 KB
2 KB 557ms
185ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/static/js/tinhteTheme-v8.11.5.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: ce252b5f9b60739252a1b2613d1854ff770398b3363f80c83f6e2bd5f16132cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"13ee-17f66a206e8"
last-modified: Mon, 07 Mar 2022 23:06:09 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: MISS
Transfer-Encoding: chunked

GET
H/1.1 200
OK all.css
tinhte.vn/static/fonts/FontAwesome/ 40 KB
9 KB 525ms
184ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/static/fonts/FontAwesome/all.css
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"a069-17f66a206e8"
last-modified: Mon, 07 Mar 2022 23:06:09 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
x-app-cache: MISS
Transfer-Encoding: chunked

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 51ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 564659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEHT%2BbnQd3NGLRr3Oc8D58K3YuE8OjnT%2BtzrQqgO3Nx%2Bzzt5Wbv2jMoxUJCvFPB8Z2fx8ArwQtnNLVh4jHP7JAsLmU2z8XpwvshxOVsesC3pnMcJOoFSUiSWs4PoGKUA%2FHtdYPv6tun6Qtx6tDsVQez5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ecb8999aa978ff4-FRA
expires: Mon, 06 Mar 2023 06:47:26 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 21:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 21:09:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 167ms
79ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d60213f6262d93ffd58e9e140c1179e07a1ef0f7fc1329b61479d3031ab4b82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53880
x-xss-protection: 0
server: cafe
etag: 15738999004206756337
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 06:47:27 GMT

GET
H2 200 cdn.js Show response
static.amcdn.vn/tka/ 26 KB
7 KB 800ms
226ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/tka/cdn.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 84336382b409b34c47e802a0ee62875d632123f9138052109f22ec5caafb874e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 07:22:11 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:28 GMT

GET
H2 200 Arf.min.js Show response
media1.admicro.vn/cms/ 278 KB
87 KB 889ms
218ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/Arf.min.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 658b6e82561efba7dc3816608f2ccd5022bbb7ba15b81a4bd50a3a783da7b020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 04:39:02 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:28 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.5.2/ 16 KB
6 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.2/firebase-app.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7115cf06d4df2dac1341740391401d708853a555b5b5bbfdf135491e9e58446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 15:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5581
x-xss-protection: 0
last-modified: Fri, 06 Dec 2019 21:21:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Tue, 14 Mar 2023 15:51:14 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/7.5.2/ 22 KB
7 KB 129ms
44ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aaff843d07f3d074dd6dc797a05226cccff351ee6ce849b316070b54a6e8701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 03:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7256
x-xss-protection: 0
last-modified: Fri, 06 Dec 2019 21:21:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 03:33:01 GMT

GET
H/1.1 200
OK a6ab7b925218c907984e.css
tinhte.vn/_next/static/css/ 63 KB
13 KB 703ms
351ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/css/a6ab7b925218c907984e.css
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 0f1e24d28920644dc123be8b65f95e7ec512149e1434c8da33bcaefca5993237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"fc89-17f338612b8"
last-modified: Sat, 26 Feb 2022 00:54:59 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 656e1005981642150b63.css
tinhte.vn/_next/static/css/ 7 KB
2 KB 534ms
179ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/css/656e1005981642150b63.css
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: fb811b2d43afd60ad897498b2fda66b7e11fb46c4bec9fecaf82a6957f5fda0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"1dde-17f338612b8"
last-modified: Sat, 26 Feb 2022 00:54:59 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK webpack-c2355d7d10a61d4f7fa2.js Show response
tinhte.vn/_next/static/chunks/ 2 KB
1 KB 194ms
188ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/webpack-c2355d7d10a61d4f7fa2.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 0c5572c936903c9d755f7d3e3f5bc96f84843f82c1ed24bb3d54ed068c4142ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"6df-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK framework-89a4433d27792394ead4.js Show response
tinhte.vn/_next/static/chunks/ 128 KB
42 KB 363ms
357ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/framework-89a4433d27792394ead4.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: cd82643b91689e4ef488478d382170fc4951d251e1b45b35527ef634fc0655fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"1ffdf-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK main-1a8ab6958d75eb67f0c6.js Show response
tinhte.vn/_next/static/chunks/ 76 KB
24 KB 195ms
188ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/main-1a8ab6958d75eb67f0c6.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 9d67aa5b7c9ba83630611e222db37d296bea8bf2d28db047e69bed1c01ef6acb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"12e95-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK _app-2fc8f250cd424c30ae18.js Show response
tinhte.vn/_next/static/chunks/pages/ 23 KB
9 KB 195ms
189ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/pages/_app-2fc8f250cd424c30ae18.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 70283d549fee6151ce5fd76fa0fdd4c5ae1741b25f41930e1d1245717b55ef39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"5c9a-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 75fc9c18-73197cab9ac077f7cfbd.js Show response
tinhte.vn/_next/static/chunks/ 59 KB
19 KB 302ms
177ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/75fc9c18-73197cab9ac077f7cfbd.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: e2085f33d66560ce39d7031da60131bff40d1fbf1a841bdf4c5c2909c53d7738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"eb7c-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK ea88be26-b0f0a5682d9e96ab7947.js Show response
tinhte.vn/_next/static/chunks/ 250 KB
63 KB 180ms
180ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/ea88be26-b0f0a5682d9e96ab7947.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: a7fe040c480d063fe0748cb10eebe8ff1042da8f1fefd2e77bc66fb5a50f7805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"3e976-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK d6e1aeb5-d682ed3291b135395f94.js Show response
tinhte.vn/_next/static/chunks/ 430 KB
114 KB 178ms
177ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/d6e1aeb5-d682ed3291b135395f94.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: a3a48adebcf2e9a4324902fa52d4b3c4ddb47f4a7d57af8736f659b568fc7d92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"6b626-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 8484-5bec3a046991ad835f83.js Show response
tinhte.vn/_next/static/chunks/ 89 KB
30 KB 190ms
189ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/8484-5bec3a046991ad835f83.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: eb0bcc749b956d8d503f0656ee073c30c950bebf54e9bfb438fff3592b6eaf05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"1626a-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7397-47c915ae05a51f587c21.js Show response
tinhte.vn/_next/static/chunks/ 114 KB
39 KB 186ms
185ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7397-47c915ae05a51f587c21.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 890e64ed2dca8c993342aab183adbb518fcd8f6c9825efc63522587244ab0caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"1c8fb-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 9138-27114732299228b83d33.js Show response
tinhte.vn/_next/static/chunks/ 6 KB
3 KB 177ms
177ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/9138-27114732299228b83d33.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 8d07ecbee52d1424bf8f1fefb3fba71a976cbbd7f6a4513e7b72bc09f6193765

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"16cf-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 9989-9b8e01838d526af568f2.js Show response
tinhte.vn/_next/static/chunks/ 35 KB
14 KB 179ms
179ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/9989-9b8e01838d526af568f2.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: eb524fd329d62647b3a41babbcd6983328026ef05521558a23a4040a2f07f14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"8b24-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 2692-74838f91dde419c0f1a6.js Show response
tinhte.vn/_next/static/chunks/ 21 KB
7 KB 187ms
187ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/2692-74838f91dde419c0f1a6.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: e83704c2259e615317b6505c1d82e582448d79b7975215fb823ca64920fc19e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"5482-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 3927-956ce2f556f7ea0ad96e.js Show response
tinhte.vn/_next/static/chunks/ 48 KB
18 KB 185ms
184ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/3927-956ce2f556f7ea0ad96e.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 8cf7dda882e3ecbb1148f8f27e1ec7c8852579bc8479a0f086415f5ae8099b58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
etag: W/"c16f-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 2405-3c8e6abce4486edcdd1f.js Show response
tinhte.vn/_next/static/chunks/ 28 KB
9 KB 184ms
184ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/2405-3c8e6abce4486edcdd1f.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: eb03d282c302450c7e92745a5a610243900e1912ed1e728746c0752940478202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
etag: W/"709d-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 2146-81e270e00e5e9e582b06.js Show response
tinhte.vn/_next/static/chunks/ 9 KB
4 KB 178ms
177ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/2146-81e270e00e5e9e582b06.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 0e91b8b28259773e31768c7432fc9aa55efa11b57900a7085a754e80329c82b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"2489-17f338612b8"
last-modified: Sat, 26 Feb 2022 00:54:59 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 939-9d11b7004c2db5aa2f83.js Show response
tinhte.vn/_next/static/chunks/ 5 KB
2 KB 180ms
180ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/939-9d11b7004c2db5aa2f83.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: f04b0e22c0498aecd4cbb86df9153c78f98b1735ee693423d19f4f02d0d429a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"120d-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7870-b04458be0e59deaef599.js Show response
tinhte.vn/_next/static/chunks/ 32 KB
9 KB 187ms
187ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7870-b04458be0e59deaef599.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: dc126e2a9c8a6711ae603203ba1e009a32614a0344b168273100e9458e5528fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"7e27-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 202-7d62e296bf4ebe8d1b89.js Show response
tinhte.vn/_next/static/chunks/ 129 KB
42 KB 188ms
187ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/202-7d62e296bf4ebe8d1b89.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 02627657cc895345b5af20ed513f8206431bd798c1897826c75d90eb42f132f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"203d2-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 562-4695722de689be0aa0d9.js Show response
tinhte.vn/_next/static/chunks/ 13 KB
5 KB 186ms
185ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/562-4695722de689be0aa0d9.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: cf974a517ca9443c28f017a0e6867943a14ccc4484329d9c296861981fbaf9ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"35b4-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 3822-2e80c66e6f0dbd169f84.js Show response
tinhte.vn/_next/static/chunks/ 83 KB
25 KB 185ms
184ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/3822-2e80c66e6f0dbd169f84.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: c5aea8ef6e1dc16c18f2bdca876f57e556a1585435a064f6aae08e1b8a0f6232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
etag: W/"14b0a-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 3647-12ddf5ce3bf6fc757072.js Show response
tinhte.vn/_next/static/chunks/ 31 KB
13 KB 177ms
177ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/3647-12ddf5ce3bf6fc757072.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: e5ed580c45b5c17722c0333fc6efc7c76d8284c8b673c22ba2c45343afdf78a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"7d9d-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 9075-70cb5656efb188077f73.js Show response
tinhte.vn/_next/static/chunks/ 74 KB
21 KB 180ms
180ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/9075-70cb5656efb188077f73.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: e6dfd122ec776f1401518366b7a3aa996ee8dc5c4ceba7d1340ecec12d1e6114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"129bd-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7200-612318ffd57b97f916ad.js Show response
tinhte.vn/_next/static/chunks/ 13 KB
5 KB 187ms
187ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7200-612318ffd57b97f916ad.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 100e523c5485c1e215d34e9e25e20d0050c0f37ded3349491d5f7647f9b2f28d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"336d-17f338612b8"
last-modified: Sat, 26 Feb 2022 00:54:59 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7410-6a95034069ac822efa02.js Show response
tinhte.vn/_next/static/chunks/ 19 KB
6 KB 187ms
186ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7410-6a95034069ac822efa02.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 3ec7197444dfb5b963a95a856694e736775b22725b5641a0f9d645e5e626cd44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"4cda-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 5310-49c453bc576b00412245.js Show response
tinhte.vn/_next/static/chunks/ 29 KB
8 KB 185ms
184ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/5310-49c453bc576b00412245.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: c55e5dc3172565d49900e73c04786827ba15c1826425cf6fc0db98ed1d8c0b77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
etag: W/"7355-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: MISS
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7091-ee3901d1aed98ecd1a26.js Show response
tinhte.vn/_next/static/chunks/ 14 KB
5 KB 185ms
185ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7091-ee3901d1aed98ecd1a26.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: b8c623429c5e07dac6c0cd5edf40ff25496628f870384807d6bb31714cef8b2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
etag: W/"37e3-17f338612b8"
last-modified: Sat, 26 Feb 2022 00:54:59 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 4991-639800807630628f6998.js Show response
tinhte.vn/_next/static/chunks/ 66 KB
26 KB 178ms
178ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/4991-639800807630628f6998.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 091ba54ab7ec0bd54d45635fc4d137c00d58d2ed91c55b104467a95d3a02955f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"107e8-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7521-5aa626e1eb75dad2fa44.js Show response
tinhte.vn/_next/static/chunks/ 67 KB
17 KB 180ms
179ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7521-5aa626e1eb75dad2fa44.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 55858d6d28844c52ec228f8c960861e41ffea3f61e684eae908ca7a1cd946785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"10d80-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 7912-62881e8bb2c4e38e4601.js Show response
tinhte.vn/_next/static/chunks/ 35 KB
9 KB 187ms
187ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/7912-62881e8bb2c4e38e4601.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 64d1c0b5581fbf6cc7c78a79352903fcdf903b4ce5070d4106469b15c7ffd7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"8b8f-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 2307-feae7dda82de23a1853f.js Show response
tinhte.vn/_next/static/chunks/ 36 KB
10 KB 188ms
187ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/2307-feae7dda82de23a1853f.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 124a16c1b22547c7c9d773529921ec539780c9119da28e705502fd51b80b8696

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"8f0a-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK 9274-f78d2eca5532840c3e42.js Show response
tinhte.vn/_next/static/chunks/ 128 KB
28 KB 186ms
185ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/9274-f78d2eca5532840c3e42.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 0be888ac8900465617f589d4248b98a9e0a16665813070a975bebc51a8990be2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"201d6-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK threadUIView-96204ec7afa3fa117fd8.js Show response
tinhte.vn/_next/static/chunks/pages/ 276 KB
98 KB 186ms
186ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/chunks/pages/threadUIView-96204ec7afa3fa117fd8.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 8fa4007ae24286402a70ec7e1383c2346e6b9f49aa7307abfbf9d957d8253e63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"44fbf-17f66af0ed8"
last-modified: Mon, 07 Mar 2022 23:20:23 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK _buildManifest.js Show response
tinhte.vn/_next/static/XZihHnQHalvpvQVQUIudB/ 12 KB
5 KB 177ms
176ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/XZihHnQHalvpvQVQUIudB/_buildManifest.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: eed093ba9b853ddfd0595e19f46c18b3794ca75be2ed9be249d38e0b3695a832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
etag: W/"31bd-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: MISS
Transfer-Encoding: chunked

GET
H/1.1 200
OK _ssgManifest.js Show response
tinhte.vn/_next/static/XZihHnQHalvpvQVQUIudB/ 77 B
458 B 180ms
180ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/_next/static/XZihHnQHalvpvQVQUIudB/_ssgManifest.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
etag: W/"4d-17f747bf4b8"
last-modified: Thu, 10 Mar 2022 15:39:15 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
x-app-cache: MISS
Accept-Ranges: bytes
Content-Length: 77

GET
H/1.1 200
OK 5903602_cover_microsoftads.jpg
photo2.tinhte.vn/data/attachment-files/2022/03/ 241 KB
241 KB 900ms
366ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2022/03/5903602_cover_microsoftads.jpg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: d2e14407f44af9dadb4b23e721a357fcfc4a861e6bd850f6bfdde44f5d91d017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Tue, 15 Mar 2022 11:08:22 GMT
Server: nginx
ETag: "623073a6-3c318"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 246552
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK 5903595_013_Microsoft_ads.png
photo2.tinhte.vn/data/attachment-files/2022/03/ 38 KB
39 KB 898ms
357ms Image
image/png 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2022/03/5903595_013_Microsoft_ads.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 5595787a462d7a21960327c560310d687c149bd8e7722645d0395eb29eddb44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Tue, 15 Mar 2022 11:02:28 GMT
Server: nginx
ETag: "62307244-9986"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 39302
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK 5903604_013_Microsoft_ads_1.jpg
photo2.tinhte.vn/data/attachment-files/2022/03/ 68 KB
69 KB 613ms
369ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2022/03/5903604_013_Microsoft_ads_1.jpg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 535b7acb6e5a1569a76fa15f88a4c37d9e09d30593a13729a502d4038d391b88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Tue, 15 Mar 2022 11:09:55 GMT
Server: nginx
ETag: "62307403-1116f"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 69999
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK love.png
tinhte.vn/styles/default/Tinhte/Reactions/ 11 KB
12 KB 401ms
187ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/love.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d5d36ad03606818294e3d6c65000cda432697ea567bb86b72c98cd6928b3b7ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:30 GMT
Server: nginx
ETag: "62285e26-2db7"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 11703
Expires: Thu, 16 Mar 2023 06:47:27 GMT

GET
H/1.1 200
OK haha.png
tinhte.vn/styles/default/Tinhte/Reactions/ 18 KB
18 KB 735ms
179ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/haha.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d533e01ec646c78eb6723ec5df7ac706d07d956321dc2b851c6294cb8a6afadd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-47ad"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 18349
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK love.svg
tinhte.vn/styles/default/Tinhte/Reactions/ 1 KB
2 KB 772ms
185ms Image
image/svg+xml 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/love.svg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 61ce3d5efe216b655b63229b3452871c342e210b8da04e02a32638518e4acbb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-5c7"
Vary: Origin
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 1479
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK kiss.svg
tinhte.vn/styles/default/Tinhte/Reactions/ 6 KB
6 KB 554ms
179ms Image
image/svg+xml 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/kiss.svg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d7c04fd7b81458f45e01ef6874ffe15fa95226d7ba3eb1bc6ed2b67596c17319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-1831"
Vary: Origin
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 6193
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK haha.svg
tinhte.vn/styles/default/Tinhte/Reactions/ 6 KB
6 KB 777ms
188ms Image
image/svg+xml 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/haha.svg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 802b5ce73592b47ab3a7450cbcd86407490be93eea2285e110def0083b82eadd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:30 GMT
Server: nginx
ETag: "62285e26-177f"
Vary: Origin
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 6015
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK wow.svg
tinhte.vn/styles/default/Tinhte/Reactions/ 6 KB
7 KB 403ms
184ms Image
image/svg+xml 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/wow.svg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2c8c4577d766f4752a68652eaead07ac404c2c1da1c97d446645e7a37bd6936c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-190a"
Vary: Origin
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 6410
Expires: Thu, 16 Mar 2023 06:47:27 GMT

GET
H/1.1 200
OK cry.svg
tinhte.vn/styles/default/Tinhte/Reactions/ 10 KB
10 KB 588ms
187ms Image
image/svg+xml 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/cry.svg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2ea929e34bae3e6e23a4cb11f33f500d91426bce9e5877ca36932fea0ba3740f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-27e1"
Vary: Origin
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 10209
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK angry.svg
tinhte.vn/styles/default/Tinhte/Reactions/ 7 KB
7 KB 587ms
184ms Image
image/svg+xml 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/angry.svg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: a906aaa77946be7250435250a64afb95ddb7e97e161b44e5772fa71c264b73a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:30 GMT
Server: nginx
ETag: "62285e26-1c0a"
Vary: Origin
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 7178
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H2 200 rfp-infeed.js Show response
js.rfp.fout.jp/ 63 KB
16 KB 68ms
7ms Script
application/javascript 2a02:26f0:fb:5a3::7ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.rfp.fout.jp/rfp-infeed.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:fb:5a3::7ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c7b314bede193e724fbaddea45d80bdd780ce70251905b7c5fb3f745567c4d87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtnLdIZ5jBFogmqyuj3a4Hrlujs-JIGSJfGsRrozhN28T1jZdd3k2o68_rmYPCy1ngcEgSUsRBDMG7tvE-cmfE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 15604
last-modified: Mon, 14 Feb 2022 04:44:46 GMT
server: UploadServer
etag: "709c17ae39876f1e8e8e7dcffcee5eff"
vary: Accept-Encoding
x-goog-hash: crc32c=nywM2g==, md5=cJwXrjmHbx6Ojn3P/O5e/w==
x-goog-generation: 1644813886776747
cache-control: public, max-age=1800
x-goog-stored-content-length: 15604
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 16 Mar 2022 07:17:27 GMT

GET
H/1.1 200
OK avatar_male_m.png
tinhte.vn/styles/uiflex/xenforo/avatars/ 2 KB
2 KB 187ms
187ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/uiflex/xenforo/avatars/avatar_male_m.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: f129a644d5e38e00d46dc1b23c5b05efee3a01bae02a491211b1c7e796f4ea96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:49 GMT
Server: nginx
ETag: "62285dc1-6f2"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 1778
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 5182627_Asset_12.png
photo2.tinhte.vn/data/attachment-files/2020/10/ 12 KB
12 KB 185ms
184ms Image
image/png 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2020/10/5182627_Asset_12.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 044d852b21bc3bc8fe606adc9abfedf0254e01b9e0b384c8c21c14ff13e94bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Mon, 12 Oct 2020 12:39:03 GMT
Server: nginx
ETag: "5f844e67-2e33"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 11827
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK kiss.png
tinhte.vn/styles/default/Tinhte/Reactions/ 14 KB
15 KB 187ms
187ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/Tinhte/Reactions/kiss.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5167af471ae9d0e6397195522946e9fc14e3fc6c8ef349a8e497a079dba81632

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-38f4"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 14580
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H2 200 ban-key-win-11-gia-re.jpg
imgproxy.k7.tinhte.vn/hCn1xqQglaK4EFlImN8GD2XQUKHrRy9-AP9ckNNlXpY/rs:fill:480:300:0/plain/https://wingiare.com/wp-content/uploads/2021/09/ 18 KB
17 KB 688ms
220ms Image
image/jpeg 123.31.39.137
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgproxy.k7.tinhte.vn/hCn1xqQglaK4EFlImN8GD2XQUKHrRy9-AP9ckNNlXpY/rs:fill:480:300:0/plain/https://wingiare.com/wp-content/uploads/2021/09/ban-key-win-11-gia-re.jpg

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.31.39.137 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

3a5326713f2400af387d59d61486e25730a0ea78d036cfa3a748ac263a422a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache-server: nginx-1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-disposition: inline; filename="ban-key-win-11-gia-re.jpg"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 17505
expires: Fri, 03 Mar 2023 01:33:47 GMT

GET
H2 200 5903889_2910F6E8-9D4D-4F4F-9B1B-3A2CCBF71E3F.jpeg
imgproxy.k7.tinhte.vn/TtRU0HW8kGL5HiukjQcdIJK0NYGsFjEqCLUbi929gbs/h:400/plain/https://photo2.tinhte.vn/data/attachment-files/2022/03/ 11 KB
11 KB 1111ms
644ms Image
image/jpeg 123.31.39.137
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgproxy.k7.tinhte.vn/TtRU0HW8kGL5HiukjQcdIJK0NYGsFjEqCLUbi929gbs/h:400/plain/https://photo2.tinhte.vn/data/attachment-files/2022/03/5903889_2910F6E8-9D4D-4F4F-9B1B-3A2CCBF71E3F.jpeg

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.31.39.137 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

ab5654bf1a5ee5c9f0f3922b96de788fe41cb2f87e0e1cf58569f39303e75edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache-server: nginx-3
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-disposition: inline; filename="5903889_2910F6E8-9D4D-4F4F-9B1B-3A2CCBF71E3F.jpg"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 10734
expires: Wed, 15 Mar 2023 14:13:46 GMT

GET
H2 200 aHR0cHM6Ly9jZG4udm94LWNkbi5jb20vdGh1bWJvci84dXNpcDdVOFJqdi1NeC0yaklHOEZ5RkdIdjg9LzB4MjU6MTI4MHg2OTUvZml0LWluLzEyMDB4NjMwL2Nkbi52b3gtY2RuLmNvbS91cGxvYWRzL2Nob3J1c19hc3NldC9maWxlLzIyNjgxNzEwL3dpbmRvd...
imgproxy.k7.tinhte.vn/vPAg6TR3aEYQoMJFVcsHvWeI0uuzuwD4n3xH1pNjjE8/rs:fill:480:300:0/ 15 KB
14 KB 869ms
434ms Image
image/jpeg 123.31.39.137
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgproxy.k7.tinhte.vn/vPAg6TR3aEYQoMJFVcsHvWeI0uuzuwD4n3xH1pNjjE8/rs:fill:480:300:0/aHR0cHM6Ly9jZG4udm94LWNkbi5jb20vdGh1bWJvci84dXNpcDdVOFJqdi1NeC0yaklHOEZ5RkdIdjg9LzB4MjU6MTI4MHg2OTUvZml0LWluLzEyMDB4NjMwL2Nkbi52b3gtY2RuLmNvbS91cGxvYWRzL2Nob3J1c19hc3NldC9maWxlLzIyNjgxNzEwL3dpbmRvd3MxMWRhcmttb2RlLmpwZw

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.31.39.137 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

62ae9e5ab6b145b3adba8507c88e2fdee9fbb3f44c945b5dcb5af4dd3f335f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache-server: nginx-0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-disposition: inline; filename="windows11darkmode.jpg"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 14276
expires: Thu, 16 Mar 2023 04:14:43 GMT

GET
H/1.1 200
OK 5184165_Asset_18.png
photo2.tinhte.vn/data/attachment-files/2020/10/ 16 KB
16 KB 184ms
184ms Image
image/png 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2020/10/5184165_Asset_18.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 8418d845d445279e24530524409e38642eb15acb4f46087fd46bb352486ebcaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Tue, 13 Oct 2020 14:19:23 GMT
Server: nginx
ETag: "5f85b76b-3f0d"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 16141
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2561
date: Wed, 16 Mar 2022 06:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Mar 2022 08:04:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: Sc3uR1rK8QWHBbDtWXE+F+0sk/dmDWiUUPlWbZ7rI88Zuueef1oeokpW5/f1lf4r1RZ3EI9cKPTukyR4O3Fiyg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 16 Mar 2022 06:47:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a588ad14a32de067c8e586e763d5fbff778824c62be5b4bfa8c94b36b149662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QThdrDgxvgnWe0dGoAc+aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 16 Mar 2022 07:04:40 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: NSUr0qF+dzildDrYh1IYvZkeWI9L39uqjmYnBD+0C+QafwMvLcC38S6OY4isngtj5GyfeyeqAEygL1GB3kbb9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0bf1c1792d4aa0e9c9e1935857bb2598
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 06:47:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "eab6df6c89038e49847b7ef189a344c9"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
30 KB 137ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

494fb40acd465b9972857bf45b1a26d60dc20e3b522f94432381b0773151c2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30654
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 06:47:27 GMT

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/ 578 B
641 B 311ms
310ms Fetch
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2c03b5e11f66a2a03aa75b24b9028130bd14cd912df196468a9c0743fff5cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://tinhte.vn/
x-goog-api-key: AIzaSyDWAPFMaWXFbERvNRUpiMdEvvVEo4_4gtc
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 451
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/ Frame 0
0 138ms
46ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://tinhte.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://tinhte.vn
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Wed, 16 Mar 2022 06:47:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 52034.jpg
photo2.tinhte.vn/data/avatars/m/52/ 4 KB
4 KB 423ms
179ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/52/52034.jpg?1542911383
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 2f5017c2cad0e876dcb066b8ffd61f2e93ce20c5876f2057c075fb30fc9208c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Thu, 22 Nov 2018 18:29:44 GMT
Server: nginx
ETag: "5bf6f598-1015"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 4117
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK 5903272_cover_microsoft_directstorage_api_windows_tinhte.jpg
photo2.tinhte.vn/data/attachment-files/2022/03/ 329 KB
329 KB 736ms
366ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2022/03/5903272_cover_microsoft_directstorage_api_windows_tinhte.jpg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: ea9e39ef7d6483f5a11431604a477f32c303d9b6c11248ac82122137db0c1ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Tue, 15 Mar 2022 07:21:38 GMT
Server: nginx
ETag: "62303e82-5246c"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 337004
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/DyZ0eMId-Us/ 23 KB
24 KB 130ms
46ms Image
image/jpeg 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DyZ0eMId-Us/mqdefault.jpg

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c57c65c9713b2970f126912abfeed682d8fa9c7b081c9c0275b4548a12d21c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24036
x-xss-protection: 0
server: sffe
etag: "1647392545"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Mar 2022 06:52:27 GMT

GET
H/1.1 200
OK 5895718_cover_microsoft_xbox_nhat_ban_tinhte.jpg
photo2.tinhte.vn/data/attachment-files/2022/03/ 809 KB
809 KB 705ms
351ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2022/03/5895718_cover_microsoft_xbox_nhat_ban_tinhte.jpg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: cf2648dede7a4e974bd3caa8dd38443450e7a1a29b764e1b9cefb0b6ad288bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Wed, 09 Mar 2022 06:09:33 GMT
Server: nginx
ETag: "6228449d-ca248"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 827976
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK 5893386_cover_android12l.jpg
photo2.tinhte.vn/data/attachment-files/2022/03/ 256 KB
256 KB 707ms
350ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/attachment-files/2022/03/5893386_cover_android12l.jpg
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 62b31325228b88985eaa861118d77efac9de9216a1486cae9a22665d6e37ddd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:28 GMT
Last-Modified: Tue, 08 Mar 2022 03:21:34 GMT
Server: nginx
ETag: "6226cbbe-3fe55"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 261717
Expires: Thu, 16 Mar 2023 06:47:28 GMT

GET
H/1.1 200
OK Lato-Semibold.ttf
tinhte.vn/static/fonts/Lato/ 654 KB
333 KB 430ms
367ms Font
font/ttf 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/static/fonts/Lato/Lato-Semibold.ttf
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 2dc5d31e2cf1e29f3430eb2dfa1ba9911e08ee401b61dd12f40e0acb047a17a3

Request headers

Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Origin: https://tinhte.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"a362c-17f66a206e8"
last-modified: Mon, 07 Mar 2022 23:06:09 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: font/ttf
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK Lato-Bold.ttf
tinhte.vn/static/fonts/Lato/ 642 KB
328 KB 250ms
187ms Font
font/ttf 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/static/fonts/Lato/Lato-Bold.ttf
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b

Request headers

Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Origin: https://tinhte.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
etag: W/"a0724-17f66a206e8"
last-modified: Mon, 07 Mar 2022 23:06:09 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: font/ttf
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H/1.1 200
OK fa-solid-900.woff2
tinhte.vn/static/fonts/webfonts/ 49 KB
50 KB 247ms
184ms Font
font/woff2 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/static/fonts/webfonts/fa-solid-900.woff2
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/static/fonts/FontAwesome/all.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer: https://tinhte.vn/static/fonts/FontAwesome/all.css
Origin: https://tinhte.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
etag: W/"c4c4-17f66a206e8"
last-modified: Mon, 07 Mar 2022 23:06:09 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
Content-Type: font/woff2
x-app-cache: HIT
Accept-Ranges: bytes
Content-Length: 50372

GET
H/1.1 200
OK Lato-Regular.ttf
tinhte.vn/static/fonts/Lato/ 642 KB
329 KB 344ms
177ms Font
font/ttf 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/static/fonts/Lato/Lato-Regular.ttf
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780

Request headers

Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Origin: https://tinhte.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
etag: W/"a073c-17f66a206e8"
last-modified: Mon, 07 Mar 2022 23:06:09 GMT
Server: nginx
cache-control: max-age=31536000
x-app-server: nginx-static-854467797c-vbmdk
x-powered-by: Express
vary: Accept-Encoding
Content-Type: font/ttf
x-app-cache: HIT
Transfer-Encoding: chunked

GET
H2 200 cc_ssp_new.js Show response
cdn2.cache.vn/banners/sspAnetTest/ 34 KB
13 KB 2902ms
214ms Script
application/javascript 123.30.177.116
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.cache.vn/banners/sspAnetTest/cc_ssp_new.js
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.116 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: cloudflare /
Resource Hash: 3cc8de9565f70673f6ac39fafe569feb02a07ff8ae9125bd22d51ea1b6e59462

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
ef-cache-status: HIT
pragma: public
last-modified: Mon, 21 Sep 2020 07:12:05 GMT
server: cloudflare
ef-country-code: SE
etag: W/"5f685245-8946"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
cache-control: max-age=25200
access-control-allow-headers: Range
expires: Wed, 16 Mar 2022 13:47:30 GMT

GET
H/1.1 200
OK 2908872.jpg
photo2.tinhte.vn/data/avatars/m/2908/ 3 KB
3 KB 185ms
183ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2908/2908872.jpg?1647332766
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 9913f4d49e82dbdc71fb83e0fb6d3bb9a9488ce7b8ccc0256806c5cc2dc7ddbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Tue, 15 Mar 2022 08:26:07 GMT
Server: nginx
ETag: "62304d9f-c34"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3124
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 530405.jpg
photo2.tinhte.vn/data/avatars/m/530/ 12 KB
12 KB 180ms
178ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/530/530405.jpg?1525445347
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 35ba2d60fc5980a5938abedd0b132d464e5d6858d0c09c17f6fde36502b25e51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Fri, 04 May 2018 14:49:08 GMT
Server: nginx
ETag: "5aec72e4-2fba"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 12218
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK avatar_6.png
tinhte.vn/styles/default/TinhteMods/avatars/ 8 KB
8 KB 184ms
184ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_6.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9ac869e1f9637979419b90a86f7ac246d9672f153b28be9b20d624bbcb6baa36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-1f57"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 8023
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 1415172.jpg
photo2.tinhte.vn/data/avatars/m/1415/ 4 KB
4 KB 183ms
183ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/1415/1415172.jpg?1394077624
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 00e911afb03ae0b0fee67182394d6198c0650fd0de9824f1ead25d2fd9a4870e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Thu, 06 Mar 2014 02:21:02 GMT
Server: nginx
ETag: "5317db8e-1048"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 4168
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 654928.jpg
photo2.tinhte.vn/data/avatars/m/654/ 3 KB
3 KB 176ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/654/654928.jpg?1394077624
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 83813d865845a4426195e707ca6776160285f5e380388bcced04e1fb1cb98a64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Thu, 06 Mar 2014 02:15:44 GMT
Server: nginx
ETag: "5317da50-bb4"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2996
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 2268654.jpg
photo2.tinhte.vn/data/avatars/m/2268/ 2 KB
2 KB 187ms
186ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2268/2268654.jpg?1643893199
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 84c2ea0497b2eff8e1380858935d4bc1ce22d10310fd556ca2ffbcc2526f708d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Thu, 03 Feb 2022 12:59:59 GMT
Server: nginx
ETag: "61fbd1cf-721"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 1825
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 1402066.jpg
photo2.tinhte.vn/data/avatars/m/1402/ 1001 B
1 KB 208ms
207ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/1402/1402066.jpg?1630034640
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: c7501bf41030689919d7ccb678292715fcc08dd4c6e80fcdc63e4d686d787236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Fri, 27 Aug 2021 03:24:00 GMT
Server: nginx
ETag: "61285ad0-3e9"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 1001
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK avatar_5.png
tinhte.vn/styles/default/TinhteMods/avatars/ 9 KB
9 KB 184ms
184ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_5.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 27b239a420ae7fa374d0f9c8909df92e5244562241a00b5c3f2927dbe145f8d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-23c3"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 9155
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 1992973.jpg
photo2.tinhte.vn/data/avatars/m/1992/ 3 KB
3 KB 176ms
175ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/1992/1992973.jpg?1421016127
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 046936109dc39d4f3bc4db8ef2a0346727ad405a30f6d78c807d46153ded680a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Fri, 22 Dec 2017 04:07:42 GMT
Server: nginx
ETag: "5a3c850e-bce"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3022
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK avatar_male_2.png
tinhte.vn/styles/default/TinhteMods/avatars/ 11 KB
11 KB 177ms
177ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_male_2.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3f69f34394b8917eb6a6fb4e903d597a0248e06e11e01a760009df39c7fe8314

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:30 GMT
Server: nginx
ETag: "62285e26-2aa3"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 10915
Expires: Thu, 16 Mar 2023 06:47:32 GMT

GET
H/1.1 200
OK 2590594.jpg
photo2.tinhte.vn/data/avatars/m/2590/ 4 KB
4 KB 184ms
183ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2590/2590594.jpg?1634435164
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: b46c40bce39aa9fad8d5b873877b321d723fec9a9b0e685d5bbc2e3320a5a5a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Sun, 17 Oct 2021 01:46:04 GMT
Server: nginx
ETag: "616b805c-e6b"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3691
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 2221692.jpg
photo2.tinhte.vn/data/avatars/m/2221/ 3 KB
3 KB 176ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2221/2221692.jpg?1534145356
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 96708356f09dd15891b3b4564ae0b4d70a1439c66b46bc58c4f15c4b8f566dc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Mon, 13 Aug 2018 07:29:16 GMT
Server: nginx
ETag: "5b71334c-a6d"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2669
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 2133616.jpg
photo2.tinhte.vn/data/avatars/m/2133/ 3 KB
4 KB 184ms
183ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2133/2133616.jpg?1451136173
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 646cb84d81dfc94326d09484b9b4a57e822f2173117a1fcea2acbc6c2bde3287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Sat, 26 Dec 2015 13:22:53 GMT
Server: nginx
ETag: "567e94ad-d6c"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3436
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 2056933.jpg
photo2.tinhte.vn/data/avatars/m/2056/ 14 KB
15 KB 184ms
183ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2056/2056933.jpg?1646999788
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 8e07b3198d3b3023f005b24913cc6f02e820873b7e21e1d9520bf2f89e64b329

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Fri, 11 Mar 2022 11:56:28 GMT
Server: nginx
ETag: "622b38ec-39dc"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 14812
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 1272274.jpg
photo2.tinhte.vn/data/avatars/m/1272/ 3 KB
3 KB 176ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/1272/1272274.jpg?1439613214
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 090aeb5e05376a08d11f636d5c602f1bb8cf61d7db2a2ecdbdb53eb02d646e36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Sat, 15 Aug 2015 04:32:56 GMT
Server: nginx
ETag: "55cec0f8-c29"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3113
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK avatar_8.png
tinhte.vn/styles/default/TinhteMods/avatars/ 9 KB
9 KB 187ms
187ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_8.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 32d093159756c9c2270cef89318f1e0f77e97ebd48e38156df4c28bbc2aa91e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:30 GMT
Server: nginx
ETag: "62285e26-22e4"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 8932
Expires: Thu, 16 Mar 2023 06:47:32 GMT

GET
H/1.1 200
OK 2460088.jpg
photo2.tinhte.vn/data/avatars/m/2460/ 4 KB
4 KB 184ms
184ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2460/2460088.jpg?1533459654
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: b0cb89a45d4cf607296f2e44ece00e316d5ff0916072d513a06d83cdf7680dae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Sun, 05 Aug 2018 09:00:56 GMT
Server: nginx
ETag: "5b66bcc8-fd1"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 4049
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 500357.jpg
photo2.tinhte.vn/data/avatars/m/500/ 3 KB
3 KB 179ms
178ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/500/500357.jpg?1394077624
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 7322666005dfdb2c9705a8520adc45caf228b202f70a8768d0841e522a8631fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Thu, 06 Mar 2014 02:15:04 GMT
Server: nginx
ETag: "5317da28-b16"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2838
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 199393.jpg
photo2.tinhte.vn/data/avatars/m/199/ 4 KB
4 KB 177ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/199/199393.jpg?1394077624
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: e48227ab002b73c5b1a01b2e6fa51b614a3447736c1f06d19164af64dd8f7ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Thu, 06 Mar 2014 02:12:57 GMT
Server: nginx
ETag: "5317d9a9-f2c"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3884
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK avatar_male_6.png
tinhte.vn/styles/default/TinhteMods/avatars/ 12 KB
12 KB 185ms
185ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_male_6.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: e8370dd5cad832657dc3f7ca968e56a88aa3d3924c37be3a392fa5562b91d0ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:30 GMT
Server: nginx
ETag: "62285e26-2ec4"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 11972
Expires: Thu, 16 Mar 2023 06:47:32 GMT

GET
H/1.1 200
OK avatar_male_1.png
tinhte.vn/styles/default/TinhteMods/avatars/ 11 KB
11 KB 185ms
185ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_male_1.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 1a700bbc3eba7686b59511a6fba2ca86361f0147f540aa68372ac2519d460f6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-2be3"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 11235
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK 2143500.jpg
photo2.tinhte.vn/data/avatars/m/2143/ 4 KB
5 KB 184ms
184ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2143/2143500.jpg?1556669988
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 6041a8e047c178797edf1799c9ee9bd31b8ed148c64d8ea306f22e523f85c5da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Wed, 01 May 2019 00:19:48 GMT
Server: nginx
ETag: "5cc8e624-115f"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 4447
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 737067.jpg
photo2.tinhte.vn/data/avatars/m/737/ 3 KB
4 KB 184ms
183ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/737/737067.jpg?1400244835
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: a9c34e41f55683584c7576b8de7b7f956ed726a8751d5f011e19812195d50cfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Fri, 16 May 2014 12:53:45 GMT
Server: nginx
ETag: "53760a59-de7"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3559
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 210010.jpg
photo2.tinhte.vn/data/avatars/m/210/ 3 KB
4 KB 176ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/210/210010.jpg?1587797416
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 14b126d34a8400aea952c0492d66f2c1b13b2a6bac3b38245bdbc0b437838254

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:29 GMT
Last-Modified: Sat, 25 Apr 2020 06:50:17 GMT
Server: nginx
ETag: "5ea3dda9-cf5"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 3317
Expires: Thu, 16 Mar 2023 06:47:29 GMT

GET
H/1.1 200
OK 891359.jpg
photo2.tinhte.vn/data/avatars/m/891/ 12 KB
13 KB 184ms
184ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/891/891359.jpg?1646801572
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 527518673a83e9145dfcf4aeb954dd457d70ce41b89a54a2469edc2890f48a98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Wed, 09 Mar 2022 04:52:54 GMT
Server: nginx
ETag: "622832a6-31c3"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 12739
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK 988964.jpg
photo2.tinhte.vn/data/avatars/m/988/ 10 KB
11 KB 179ms
179ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/988/988964.jpg?1582810024
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: e591cabb8b6ba2d08a80edfe4b94789d08165ed38a4717630600ab8e717d3038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Thu, 27 Feb 2020 13:27:04 GMT
Server: nginx
ETag: "5e57c3a8-29c0"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 10688
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK 493564.jpg
photo2.tinhte.vn/data/avatars/m/493/ 5 KB
5 KB 177ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/493/493564.jpg?1641146928
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: ecfa156e6137f15beab57ab65c3067ca8640d7b76cef07210618ac88d5274f1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Sun, 02 Jan 2022 18:08:48 GMT
Server: nginx
ETag: "61d1ea30-1227"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 4647
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK 1363387.jpg
photo2.tinhte.vn/data/avatars/m/1363/ 14 KB
14 KB 186ms
186ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/1363/1363387.jpg?1586772827
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 3ed1d10628f647897cd87e6711af68302c2039e157e8002d660d91119ad3d17a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Mon, 13 Apr 2020 10:13:48 GMT
Server: nginx
ETag: "5e943b5c-3784"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 14212
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK 2886859.jpg
photo2.tinhte.vn/data/avatars/m/2886/ 3 KB
3 KB 184ms
184ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2886/2886859.jpg?1641112909
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: a95ca1b12e9363f9ae590bb8a767cccd45174364b44833624691822ec63c55b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Sun, 02 Jan 2022 08:41:51 GMT
Server: nginx
ETag: "61d1654f-a80"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2688
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK avatar_2.png
tinhte.vn/styles/default/TinhteMods/avatars/ 9 KB
9 KB 185ms
185ms Image
image/png 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_2.png
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 8409ddadb3657d33491bbcbd222b83c6d2b7941bb956be9ba148ed4bc12172c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: "62285dc0-241d"
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 9245
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK 2413663.jpg
photo2.tinhte.vn/data/avatars/m/2413/ 2 KB
3 KB 176ms
176ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/m/2413/2413663.jpg?1521535920
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: c29e1752bc9b3a7313894034f6c3a197e8fbe28a6f9fb5a858d25f655742b540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Tue, 20 Mar 2018 08:52:01 GMT
Server: nginx
ETag: "5ab0cbb1-948"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 2376
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 120ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4328742155432872&plah=tinhte.vn

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4990d3e0028e6fbbb2a40f6413bd248421fad4d0f9542e49ebaf9e6da2e5583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107539
x-xss-protection: 0
server: cafe
etag: 1435358337055914698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 06:47:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/ Frame 2704 10 KB
5 KB 127ms
39ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 01:29:16 GMT
expires: Wed, 30 Mar 2022 01:29:16 GMT
cache-control: public, max-age=1209600
age: 19091
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1ef69c062147c37cc80d5cad6769bda4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

910f32e1d6020fe77642d6e814158eb5a7274a465c090126b4c9706eabc0f798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tinhte.vn/
Origin: https://tinhte.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Taz+G88utVYCM/5JcpwWwg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Mar 2023 04:08:12 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81453
x-fb-rlafr: 0
x-fb-debug: DCjGUNgleX/wypPFIC89icrtlbX+u/tRA9YexXY4VQY5DRj3iMnIhCJUwx5RAKg+nVVWk4DGmXfeXFn8K9/zZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: fd2d3429780fea25fccc2fe63e50d6d3
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 06:47:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ee69e13199d34c4baf5768287813900b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 559511104461231 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/559511104461231?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb0de6575a8aea2366c7b48c6ef3a336883873951bc9d0d7c449ced208d7265d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89260
x-xss-protection: 0
pragma: public
x-fb-debug: UradFOSHcCrNYJ9SM1ADWvaSrcPFUTusFi+dVq/+xCaBdtCQz7PAG+tHi2rV14138cW4dh37crUeNWBn+qA70w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 16 Mar 2022 06:47:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=559511104461231&ev=PageView&dl=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&rl=&if=false&ts=1647413247864&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647413247863.315350077&it=1647413247822&coo=false&exp=p0&rqm=GET

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 16 Mar 2022 06:47:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 20ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=559511104461231&ev=ViewContent&dl=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&rl=&if=false&ts=1647413247866&cd[value]=1&cd[currency]=VND&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647413247863.315350077&it=1647413247822&coo=false&exp=p0&rqm=GET

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 16 Mar 2022 06:47:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=145923738846814&ev=fb_page_view&dl=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&rl=&if=false&ts=1647413247885&sw=1600&sh=1200&at=

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 16 Mar 2022 06:47:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 88ms
43ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=371717794&t=pageview&_s=1&dl=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&ul=en-us&de=UTF-8&dt=Microsoft%20l%E1%BA%A1i%20qu%E1%BA%A3ng%20c%C3%A1o%20trong%20File%20Explorer%2C%20anh%20em%20c%C3%B3%20kh%C3%B3%20ch%E1%BB%8Bu%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1867458544&gjid=160587490&cid=1323063238.1647413248&tid=UA-2120640-1&_gid=165681531.1647413248&_r=1&_slc=1&z=882033428

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tinhte.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
56 KB 104ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L2J9ZH0B0E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0c120214f1286dfb611184b8645e8e700e978f9d9d7b947cb39dff74871b898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56831
x-xss-protection: 0
expires: Wed, 16 Mar 2022 06:47:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2120640-1&cid=1323063238.1647413248&jid=1867458544&gjid=160587490&_gid=165681531.1647413248&_u=IEBAAEAAAAAAAC~&z=501833462

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tinhte.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Mar 2022 06:47:28 GMT
content-type: text/plain
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 131ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tinhte.vn&callback=_gfp_s_&client=ca-pub-4328742155432872

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4328742155432872&plah=tinhte.vn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ebca386a3da7b767a27b3510eeaa687a2cf9dbe288432f40246890f4bfa46437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tinhte.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tinhte.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&tn=BUTTON&id=jumpToTop&cls=jsx-3921306811%20button&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB61 0
19 B 181ms
133ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&adk=1812271804&adf=3025194257&lmt=1647413248&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413247804&bpp=2&bdt=877&idt=216&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7002574165498&frm=20&pv=2&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Mar 2022 06:47:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 06:47:28 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 137ms
54ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2120640-1&cid=1323063238.1647413248&jid=1867458544&_u=IEBAAEAAAAAAAC~&z=175148348

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 134ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2120640-1&cid=1323063238.1647413248&jid=1867458544&_u=IEBAAEAAAAAAAC~&z=175148348

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 43ms
43ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L2J9ZH0B0E&gtm=2oe3e0&_p=371717794&sr=1600x1200&ul=en-us&_fid=fL3LxZ6FeJz2i69EDGU3Ag&cid=1323063238.1647413248&_s=1&dl=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&dt=Microsoft%20l%E1%BA%A1i%20qu%E1%BA%A3ng%20c%C3%A1o%20trong%20File%20Explorer%2C%20anh%20em%20c%C3%B3%20kh%C3%B3%20ch%E1%BB%8Bu%3F&sid=1647413247&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2J9ZH0B0E&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads_code_1.ads Show response
media1.admicro.vn/ads_codes/ 0
236 B 731ms
731ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/ads_codes/ads_code_1.ads
Requested by: Host: static.amcdn.vn
URL: https://static.amcdn.vn/tka/cdn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 04:47:24 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 23
expires: Wed, 16 Mar 2022 06:57:28 GMT

GET
H2 200 lgnews.js Show response
media1.admicro.vn/core/ 14 KB
4 KB 727ms
727ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/lgnews.js
Requested by: Host: static.amcdn.vn
URL: https://static.amcdn.vn/tka/cdn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 0ec09a1950b0dd4489389e16dba633b49a000322539cf61340e06b28f5462e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 08:17:54 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:28 GMT

GET
H2 200 ftest
amcdn.vn/ 35 B
447 B 310ms
223ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/ftest?lsn=774e265a7903b2f677dad103aacd5a10&dg=774e265a7903b2f677dad103aacd5a10&ui=&url=http%3A%2F%2F1tinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&rd=0.7855694563013622
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/v1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:28 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ftest
lg1.logging.admicro.vn/ 35 B
608 B 764ms
217ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ftest?lsn=774e265a7903b2f677dad103aacd5a10&dg=774e265a7903b2f677dad103aacd5a10&ui=&url=http%3A%2F%2F2tinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&rd=0.09925455338778422
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:29 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 _tracking1.gif
lg1.logging.admicro.vn/ 35 B
705 B 763ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=774e265a7903b2f677dad103aacd5a10&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=tinhte.vn&p=%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&r=&cat=&g=0&i=v%3B1647413248338%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B774e265a7903b2f677dad103aacd5a10%3B774e265a7903b2f677dad103aacd5a10%3BGA1.1.1323063238.1647413248%3B-1647413246176%3B10%3B371%3B365%3B369%3B0%3B1617%3B-1647413246176&rdm=0.27476247305064216&ce=1&lc=&cr=&ui=

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:29 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
x-frame-options: allowall
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmd_track
amcdn.vn/ 35 B
236 B 309ms
223ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/cmd_track?lsn=774e265a7903b2f677dad103aacd5a10&dg=774e265a7903b2f677dad103aacd5a10&ui=&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=tinhte.vn&p=%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&r=&cat=&vp=1600x1200
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/v1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:28 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0128 0
17 B 17ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://tinhte.vn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

content-type: text/plain
access-control-allow-origin: https://tinhte.vn
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 16 Mar 2022 06:47:28 GMT

GET
H2 200 visen.js Show response
media1.admicro.vn/core/ 24 KB
6 KB 216ms
216ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/visen.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/lgnews.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 192873853d478c9c58b6ea5154619e1a16398ba8d18e107cde2b214de16eb2a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 11:03:45 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:29 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 4 KB
5 KB 184ms
184ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=bdimage&style=85&dir=LTR&d=1646488561
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 17beb724d6442cefce729fbb45d21875f3394176eda9b0380edd1fc59c013879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Cache-Control: public
Last-Modified: Sat, 05 Mar 2022 13:56:01 GMT
Server: nginx
Content-Type: text/css; charset=utf-8
Content-Length: 4374
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 133ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/_next/static/chunks/2405-3c8e6abce4486edcdd1f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641c466f4ae65627c9e6f0b74e49be0f8b49decc483f0e65a5e6c4093515c23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27827
x-xss-protection: 0
server: sffe
etag: "1159 / 367 of 1000 / last-modified: 1647382627"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Mar 2022 06:47:29 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 4 KB
4 KB 187ms
186ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=bb_code&style=85&dir=LTR&d=1646488561
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: aa757229dd475b6eb8d464b1dde010ec23b4ff478da2124daabb10b80f5fcbc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Cache-Control: public
Last-Modified: Sat, 05 Mar 2022 13:56:01 GMT
Server: nginx
Content-Type: text/css; charset=utf-8
Content-Length: 4099
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK xenforo.js Show response
tinhte.vn/js/xenforo/ 166 KB
53 KB 193ms
192ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/xenforo/xenforo.js?_v=db8e919a
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/_next/static/chunks/2307-feae7dda82de23a1853f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: d4abe0ab3ebdcc83eccd33a616828aef540e3eb1392169c9cd97ea71ac6dff2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2022 07:56:48 GMT
Server: nginx
ETag: W/"62285dc0-29747"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Expires: Thu, 16 Mar 2023 06:47:30 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 7 KB
7 KB 179ms
179ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=bb_code,bdlinkexpander&style=85&dir=LTR&d=1646488561
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 7eddb2259dd579a777d00e79511e7f265ddeddd3aadd2dd48a03bcec7498cf22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Cache-Control: public
Last-Modified: Sat, 05 Mar 2022 13:56:01 GMT
Server: nginx
Content-Type: text/css; charset=utf-8
Content-Length: 6897
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK css.php
tinhte.vn/ 3 KB
3 KB 218ms
177ms Stylesheet
text/css 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/css.php?css=bdlinkexpander&style=85&dir=LTR&d=1646488561
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3ecad2f79ebd41ceb45a05928997f84f0aed2b584b6236b223238aac78ae6163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Cache-Control: public
Last-Modified: Sat, 05 Mar 2022 13:56:01 GMT
Server: nginx
Content-Type: text/css; charset=utf-8
Content-Length: 2846
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK data.json Show response
tinhte.vn/v2/js/ 115 B
673 B 292ms
188ms Fetch
application/json 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/v2/js/data.json?service=Facebook&url=https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/_next/static/chunks/pages/threadUIView-96204ec7afa3fa117fd8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: c7ea03a707f9fbfeb7260fc7306233d3b8dbb9fc9ac8603a54b8c89cea276a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding, Origin
Content-Type: application/json
X-Cloud-Trace-Context: a8c8dc927ee942cf7e3c652b9715b607
Cache-Control: public; max-age=300
X-Appengine-Log-Flush-Count: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 127
Expires: Wed, 16 Mar 2022 06:49:42 UTC

GET
H2 200 arf-kmd75j6t.min.js Show response
media1.admicro.vn/cms/ 8 KB
3 KB 222ms
222ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-kmd75j6t.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: b83eee3486cfac26c290d0d41ce54ddb872725faefcaa238583d66d74dbb16b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 06:33:03 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:30 GMT

GET
H2 200 arf-kmd69fot.min.js Show response
media1.admicro.vn/cms/ 5 KB
2 KB 221ms
221ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-kmd69fot.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: eba13edec073c7020325e996918b34cc9beeba1641fefdd88a1f00262baa2dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 06:02:47 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:30 GMT

GET
H2 404 arf-NTU3OjE1NjE1.min.js
media1.admicro.vn/cms/ 0
0 221ms
221ms Script
text/plain 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-NTU3OjE1NjE1.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 arf-kmd65c33.min.js Show response
media1.admicro.vn/cms/ 5 KB
2 KB 221ms
221ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-kmd65c33.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: be3f9a55ec645fd5a42c8dbda5a5b3c3b43d4a0e2983f6329b1014ada876bdbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 06:33:03 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:30 GMT

GET
H2 200 arf-kmd6509n.min.js Show response
media1.admicro.vn/cms/ 5 KB
2 KB 222ms
221ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-kmd6509n.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: a904dca64adbcb280ebf7e9aedff71569538ddcdd2966fc5c887ac49d845a7f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 06:33:03 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 91ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tinhte.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 97ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tinhte.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7B0 77 KB
25 KB 310ms
310ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3f9e8f83d73bd3da9cd0e98d1d3be4ec421fc8573c95bd277854a4d4eea9ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 06:47:30 GMT
server: cafe
content-length: 25967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 06:47:30 GMT
cache-control: private

POST
H/1.1 200
OK index.php Show response
tinhte.vn/appforo/ 2 KB
2 KB 543ms
242ms Fetch
application/json 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL

https://tinhte.vn/appforo/index.php?batch&oauth_token=0%2C1647416807%2C119615d82e7046fda782eb466adb3634%2Clxi7g2zolu

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/_next/static/chunks/8484-5bec3a046991ad835f83.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),

Reverse DNS

Software

nginx /

Resource Hash

4a9311ed0f0c4ed97f84a4d4dea6b7009148d78cbe5c7f693be362f5c7b080e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Mar 2022 06:47:30 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:30 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://tinhte.vn
Cache-control: private, max-age=0
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=15768000
Content-Length: 1883
X-Xss-Protection: 1
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
BLOB 200
OK c50b300e-7ae5-4e87-9976-2804f8fa8c97
https://tinhte.vn/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhte.vn/c50b300e-7ae5-4e87-9976-2804f8fa8c97
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 _tracking1.gif Show response
lg1.logging.admicro.vn/ Frame B20C 720 B
1 KB 232ms
231ms Document
text/html 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=774e265a7903b2f677dad103aacd5a10&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=tinhte.vn&p=%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&r=&cat=&g=0&i=s%3B1647413248338%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B774e265a7903b2f677dad103aacd5a10%3B774e265a7903b2f677dad103aacd5a10%3BGA1.1.1323063238.1647413248%3B-1647413246176%3B10%3B371%3B365%3B369%3B0%3B1617%3B-1647413246176&rdm=0.9484220904851746&ce=1&lc=&cr=&ui=

Requested by

Host: static.amcdn.vn
URL: https://static.amcdn.vn/tka/cdn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

a170573fbe5efc3f98ee6cc7a10e68540fc6829ab8d9f5df424b1c86dbe6d2ae

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
pragma: no-cache
x-frame-options: allowall
date: Wed, 16 Mar 2022 06:47:30 GMT
content-length: 720

POST
H/1.1 200
OK index.php
tinhte.vn/appforo/ 77 B
519 B 533ms
229ms Ping
application/json 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL

https://tinhte.vn/appforo/index.php?tinhte-analytics/log&data=%7B%22id%22%3A%220972ab9b-622c-4b3c-953e-179e13e06998%22%2C%22event_name%22%3A%22page_view%22%2C%22event_timestamp%22%3A1647413250408%2C%22platform%22%3A%22web%22%2C%22web_info%22%3A%7B%22browser_height%22%3A1600%2C%22browser_width%22%3A1600%2C%22screen_height%22%3A1200%2C%22screen_width%22%3A1600%2C%22referrer%22%3A%22%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22url%22%3A%22https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F%22%7D%2C%22traffic_source%22%3A%7B%22source%22%3Anull%2C%22medium%22%3Anull%2C%22name%22%3Anull%7D%2C%22attributes%22%3A%5B%7B%22key%22%3A%22page_name%22%2C%22value%22%3A%22threadview_detail%22%7D%2C%7B%22key%22%3A%22thread_id%22%2C%22value%22%3A3489180%7D%2C%7B%22key%22%3A%22page_number%22%2C%22value%22%3A1%7D%5D%2C%22user_pseudo_id%22%3A%227c991fcd6212b6a3e750e089d5a522aa%22%7D&signature=5c0982a4bd7196a8ba6e57f5877db89e.1647413250802&oauth_token=0,1647416807,119615d82e7046fda782eb466adb3634,lxi7g2zolu

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/_next/static/chunks/2307-feae7dda82de23a1853f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),

Reverse DNS

Software

nginx /

Resource Hash

d0ec2f94d09bce29d4c929862866e00386eea7a06b8f7467520310ea98d6b95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:31 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:31 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://tinhte.vn
Cache-control: private, max-age=0
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=15768000
Content-Length: 77
X-Xss-Protection: 1
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 pubads_impl_2022031001.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 129ms
44ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

50ef77c247263fdc6e0308a69334a3064176a1f4803e90eb0b45370231044fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125087
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 09:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 17:25:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 82 B
715 B 132ms
51ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinhte.vn

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b6cd300e5defab2ac91d8d4fe7569db7a241b64f1d410c6d24dbf2b3d4438d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Wed, 16 Mar 2022 06:47:30 GMT

GET
H3 200 eb03ae4a64bc28140afe8fd5a16bbea0.js Show response
www.gstatic.com/mysidia/ Frame D7B0 9 KB
4 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb03ae4a64bc28140afe8fd5a16bbea0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb6019241751dffe336346c5c4540634a286aa657911b6766b77e6ee4da3620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3743
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 07:09:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 03:16:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D7B0 8 KB
1 KB 147ms
63ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:42:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 06:47:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 06:47:30 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame D7B0 2 KB
904 B 69ms
33ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:46:36 GMT

GET
H3 200 eaf55644c6b46241403ab0e6c36a8cbf.js Show response
www.gstatic.com/mysidia/ Frame D7B0 19 KB
8 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eaf55644c6b46241403ab0e6c36a8cbf.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77a090527ac97d11f27313c82684fa09009c201f10fb45705c3016f6477e1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 02:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 07:09:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 02:50:33 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame D7B0 19 KB
8 KB 45ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:07:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame D7B0 2 KB
1 KB 69ms
33ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame D7B0 15 KB
6 KB 47ms
16ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:41:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D7B0 0
0 117ms
53ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSC1keJdz1iNbvvk1izOuYpNyopefGYBip7e8NjT31MtPfU9s0_O1yK66kB5mQqRbctj00QETUnjtMtQJkhqXqjGLeg4A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7B0 117 KB
36 KB 134ms
71ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:31 GMT

GET
H/1.1 200
OK script.min.js Show response
tinhte.vn/js/bdPostTree/ 10 KB
10 KB 509ms
208ms Script
application/javascript 125.212.247.8
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhte.vn/js/bdPostTree/script.min.js?_v=db8e919a
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/_next/static/chunks/2307-feae7dda82de23a1853f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5804a4893b9e900006e1efd5a0c070eb82ce27a023aec65f78b44767a9efb256

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 09 Mar 2022 07:58:29 GMT
Server: nginx
ETag: "62285e25-27ab"
Vary: Origin
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 10155
Expires: Thu, 16 Mar 2023 06:47:33 GMT

GET
H2 200 external_ad Show response
ssp.qc.coccoc.com/ 311 B
681 B 1029ms
436ms Fetch
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.qc.coccoc.com/external_ad?ssp_name=24h&location=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&placement=ccadnet_67_132
Requested by: Host: cdn2.cache.vn
URL: https://cdn2.cache.vn/banners/sspAnetTest/cc_ssp_new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: 745f43e1ad703e1a3284fca5f58914fb1c635ba746b8e2714dc042c08298f719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 16 Mar 2022 06:47:31 GMT
server: nginx
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tinhte.vn
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Range
content-length: 311

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D7B0 3 KB
3 KB 82ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoFFG_Fahrzeug%25C2%25ADwerkst%25C3%25A4tten_Falkenried_GmbH__70690DE.gif%3Feb%3D1&ups=1&v=3&w=800&s=_N2eekSjEreiyCUUOLJBfpbc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

01b8f0af105e0ada2d3c18d779e290524ca4a325d20c5039236528ada5e80ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1850083
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2848
expires: Wed, 06 Apr 2022 16:42:14 GMT

GET
H2 200 lgn.php Show response
cat.fr.eu.criteo.com/m/delivery/ Frame D7B0 43 B
347 B 78ms
25ms Fetch
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=G6ladS5f9Tv4It1Vt-rVQBMGTVIQtbNmDUHAqhJZoNa-eo8mFj1LrH44NHeDQmw_MB7ci90iG5smAnz0mXc64rXVmqeNHxaEPSfgoKWDa3W9vcQlMIAtM7p_nI3Qqx9y4GhVsUanG8DrjVKA4SRXmYJY-41LGtWq4_ZtsnhLLXZ6VCtGMObG5mSGjRNPedhNRz3uV25Zv3SK7q4W5XYAGMOFTcyOhxkeWxQy-F88_QbmljKU-7bk6StN0pul08DI7oC5ONxoJCVQjI5nDNW4HhpIQvVOFrd2wEeTZt63IYutWl1P20swcWXAUZtbf5ap23eZ6vsFCnW544ql97X4y83ivWZNSFmzWYv4ANwiPdra2L20MWSnIMbWCyvG9qr4Z6gwAY8JSLIj4SE_QnZTAUm98qakSDk5QvlfwzP5Jgd4PbOVkqJspFFKkI05__lvAvxrn_ZwA2O2Ew9ujMwQ9e8sWU3v8KRCpMSju3Z_M7esz234K0l3m0DbcwHatDP76Y-i-JNTPCoco3DwCJMwkgzbsDs&z=YjGIAgAGs_QK7caGAAJyDq2REYgUMb7AJF5h3w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2832511
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D7B0 0
0 99ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=V-b8EIrGMAAAnYNiAgIAAADr-H-gTCZ23z7uGrvejV2LAMhy-BACiDFids4Ou8ZddJN26M4AEg&wp=YjGIAgAGs_QK7caGAAJyDq2REYgUMb7AJF5h3w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 220716
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 m
secure-gg.imrworldwide.com/cgi-bin/ Frame D7B0 0
0 175ms
30ms Fetch 34.246.197.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647413250&c9=devid,&c13=asid,
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.197.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-197-130.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D7B0 0
0 88ms
83ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUS1-AogxYvTnGoaNtweO5Im4CMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDMyODc0MjE1NTQzMjg3MqAB1bbS6gPIAQmpAs-oIhDpZbI-qAMBqgSJAk_QVfzqnORtD_XVFwXHQIvqOteRiubh4dX0YTpqUNFPNdxUrgQmQU3M0BoFE5NXiIChUL61KMCyWu1LqACqJNwsPU_y8bkx9yGY65XzQz44-foa-ISeauQqqtXmFG-H4Hpq5uLb0aAuUDwyjtY6sqhDg0oCea2RopXHIQw7a8CYxxmmfTsM6qLM8qv-vpwzl9k53u4fGs5w9-ozxikmsxnUStmAwJrAQpVE83H5h3TJQO8XPzumCLlf5g5D6jDTGXgJraaw66svEm40tg6o5Ph3AK7v9BoCWxA6KWYZz317mP_truo4pNjtvIHS7ayWpfyxme-9NKkzYdqXzv1NsXM-gntqniSBjt2ABvCDsYeu4-TdIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQzMjg3NDIxNTU0MzI4NzIYAA&sigh=sWyTvkPVqYs&uach_m=[UACH]&cid=CAQSOwCNIrLMhTC_T7WV_XVftE1trnTfz74U_xFpGahrjrJj43uUhp2sobycG2B8H_mknGecqTuDGlHmJIJpGAE&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 06:47:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D7B0 0
0 91ms
87ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQgj-AogxYvTnGoaNtweO5Im4CMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDMyODc0MjE1NTQzMjg3MqAB1bbS6gPIAQmpAs-oIhDpZbI-qAMByAMCqgSJAk_QVfzqnORtD_XVFwXHQIvqOteRiubh4dX0YTpqUNFPNdxUrgQmQU3M0BoFE5NXiIChUL61KMCyWu1LqACqJNwsPU_y8bkx9yGY65XzQz44-foa-ISeauQqqtXmFG-H4Hpq5uLb0aAuUDwyjtY6sqhDg0oCea2RopXHIQw7a8CYxxmmfTsM6qLM8qv-vpwzl9k53u4fGs5w9-ozxikmsxnUStmAwJrAQpVE83H5h3TJQO8XPzumCLlf5g5D6jDTGXgJraaw66svEm40tg6o5Ph3AK7v9BoCWxA6KWYZz317mP_truo4pNjtvIHS7ayWpfyxme-9NKkzYdqXzv1NsXM-gntqniSBjt2ABvCDsYeu4-TdIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQzMjg3NDIxNTU0MzI4NzIYAA&sigh=rH6qaR4qIh0&uach_m=[UACH]&cid=CAQSOwCNIrLMhTC_T7WV_XVftE1trnTfz74U_xFpGahrjrJj43uUhp2sobycG2B8H_mknGecqTuDGlHmJIJpGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4828 1 KB
749 B 57ms
55ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62478
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D7B0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c94d7f479e66a2ae853b8b05f186f1cd35e2c77868dc5627eee04d01f985725

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 admcorearf.js Show response
media1.admicro.vn/core/ 230 KB
63 KB 219ms
217ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcorearf.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: a5e43c5d015131fec23100c79c1a133aa97ffb208681400ea395dbbcf0452e13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Sat, 12 Mar 2022 16:34:12 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
526 B 217ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd69fot&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mb_core.js Show response
media1.admicro.vn/core/ 284 KB
61 KB 648ms
641ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/mb_core.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 086ecb10f2969462c0a9f99291cc51a2b8eee42dbfadaed98dbfefadd94a59ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 02:28:57 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
526 B 222ms
214ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd75j6t&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
526 B 222ms
219ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd65c33&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
526 B 222ms
219ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd6509n&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 persist.js Show response
static.amcdn.vn/core/ Frame B20C 26 KB
8 KB 226ms
222ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/core/persist.js
Requested by: Host: lg1.logging.admicro.vn
URL: https://lg1.logging.admicro.vn/_tracking1.gif?dg=774e265a7903b2f677dad103aacd5a10&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=tinhte.vn&p=%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&r=&cat=&g=0&i=s%3B1647413248338%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B774e265a7903b2f677dad103aacd5a10%3B774e265a7903b2f677dad103aacd5a10%3BGA1.1.1323063238.1647413248%3B-1647413246176%3B10%3B371%3B365%3B369%3B0%3B1617%3B-1647413246176&rdm=0.9484220904851746&ce=1&lc=&cr=&ui=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lg1.logging.admicro.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 06:49:30 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H/1.1 200
OK 52034.jpg
photo2.tinhte.vn/data/avatars/l/52/ 17 KB
18 KB 182ms
182ms Image
image/jpeg 125.212.247.214
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo2.tinhte.vn/data/avatars/l/52/52034.jpg?1542911383
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.214 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: viettel4.vimobi.com
Software: nginx /
Resource Hash: 4b543a57d544d01c76879e1d9051f388ec08b01a85312119c3f92a4037f3d9e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:31 GMT
Last-Modified: Thu, 22 Nov 2018 18:29:32 GMT
Server: nginx
ETag: "5bf6f58c-4500"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 17664
Expires: Thu, 16 Mar 2023 06:47:31 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4828 35 B
464 B 32ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPLyUFh2QfKoKHeknitsXpMv81a0dsa6eLhZMMr75veX-gjEEsfWy8ynS4vPuHiBGE6T32WRATAXZZhWZSls2X_GQ8ROkpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4828
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIJDGJZDtKsP-fG-SJpdXgHLx1QP-Py5Nb0nr6...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUF3QUFBSldqS1R4Qg&google_push=AYg5qPIJDGJZDtKsP-fG-SJpdXgHLx1QP-Py5Nb0nr6khhwAiptrmyQzVijhLu7sqDsLAn14bLsr2SFhXKmCw53maJ-4kA12iYc

170 B
232 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUF3QUFBSldqS1R4Qg&google_push=AYg5qPIJDGJZDtKsP-fG-SJpdXgHLx1QP-Py5Nb0nr6khhwAiptrmyQzVijhLu7sqDsLAn14bLsr2SFhXKmCw53maJ-4kA12iYc

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUF3QUFBSldqS1R4Qg&google_push=AYg5qPIJDGJZDtKsP-fG-SJpdXgHLx1QP-Py5Nb0nr6khhwAiptrmyQzVijhLu7sqDsLAn14bLsr2SFhXKmCw53maJ-4kA12iYc
Date: Wed, 16 Mar 2022 06:47:31 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4828
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEWSzjKyyxjnOApe6CZYuVk&google_cver=1&google_push=AYg5qPIYEuWVEGMrY7ATynOTivVN4nxITiagggLQg8RHgAnQIzwBiT1BjQcuscj_B5zPM1AwcrCnbG60bN96axeKxjL9Bma3U-XG
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIYEuWVEGMrY7ATynOTivVN4nxITiagggLQg8RHgAnQIzwBiT1BjQcuscj_B5zPM1AwcrCnbG60bN96axeKxjL9Bma3U-XG&google_hm=Q0FFU0VFV1N6akt5eXhqb...

170 B
329 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIYEuWVEGMrY7ATynOTivVN4nxITiagggLQg8RHgAnQIzwBiT1BjQcuscj_B5zPM1AwcrCnbG60bN96axeKxjL9Bma3U-XG&google_hm=Q0FFU0VFV1N6akt5eXhqbk9BcGU2Q1pZdVZr

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIYEuWVEGMrY7ATynOTivVN4nxITiagggLQg8RHgAnQIzwBiT1BjQcuscj_B5zPM1AwcrCnbG60bN96axeKxjL9Bma3U-XG&google_hm=Q0FFU0VFV1N6akt5eXhqbk9BcGU2Q1pZdVZr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4828
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL_9qpku42tk_9omZ2I1jXyfgdx232L5Yhm4TXz0JB70svSSxt4E-cHHplAh9mBg5PAkdrpKtw1wQRm9DeBmC91t-y8TCt_&google_gid=CAESEOP-Mfm8mFbX6dJNXhfGgrQ&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIOQxpEGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMXzlxcGt1NDJ0a185b21aMkkxalh5ZmdkeDIzMkw1WWhtNFRYejBKQjcwc3ZTU3h0NEUtY0hIcGxBaDltQmc1UEFrZHJwS3R3MXdRUm05RG...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT08wWkZOSl95YjVLQWs2SHl1M1d4YkFkb3Bnb1lwZzJldWc3WmJyeEhPbw==&google_push

170 B
188 B

97ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT08wWkZOSl95YjVLQWs2SHl1M1d4YkFkb3Bnb1lwZzJldWc3WmJyeEhPbw==&google_push

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Mar 2022 06:47:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT08wWkZOSl95YjVLQWs2SHl1M1d4YkFkb3Bnb1lwZzJldWc3WmJyeEhPbw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4828
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLzr_-i...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLzr_-i...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPLzr_-i-OGuxoUe4xW6K5k1mKZp5JLQk3YPJoJZhMp_H44XoN-nps-UzTQQ-hlQog...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPLzr_-i-OGuxoUe4xW6K5k1mKZp5JLQk3YPJoJZhMp_H44XoN-nps-UzTQQ-hlQogSk0xheapvqB8zNZvj_cVdrOH18uost

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPLzr_-i-OGuxoUe4xW6K5k1mKZp5JLQk3YPJoJZhMp_H44XoN-nps-UzTQQ-hlQogSk0xheapvqB8zNZvj_cVdrOH18uost
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 16 Mar 2022 06:47:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4828
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ1zNLPlnVBQFq6RdVkhlu3dnLU2GJtpA2gALpMPxTXFWlFnk84aE1h-aCo4AVfOIV57aFg4YZSA4t_mina1VE6eOI9HLY

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ1zNLPlnVBQFq6RdVkhlu3dnLU2GJtpA2gALpMPxTXFWlFnk84aE1h-aCo4AVfOIV57aFg4YZSA4t_mina1VE6eOI9HLY
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame 4828 43 B
297 B 225ms
19ms Image
image/gif 2a05:d01c:1d8:8101:6a54:37cb:fd61:b021
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPJWe0yZ3FHvV64MCiQ1XM1xw4bp9N5eWmKG1gb2zsYFclEYOVyZl5aYoowXxDJg0dHd9oNandTzCD5ADrr6mKY3jYAqcA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=1066&slotname=9899595386&adk=3462276760&adf=283292611&pi=t.ma~as.9899595386&w=310&cr_col=1&cr_row=13&fwrn=4&lmt=1647413250&rafmt=9&psa=0&format=310x1066&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&crui=image_sidebyside&fwr=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413249813&bpp=3&bdt=2886&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&prev_fmts=0x0&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=1260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2GZNamYcJX&p=https%3A//tinhte.vn&dtd=589
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:6a54:37cb:fd61:b021 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4828 0
232 B 139ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IprmrI3CiGOPmHqmrXKcPJ_-pDry5od24ohQhZQdJ8fEGT9dpeNrOQM-gdBgHqRvZwe9tQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tinhte.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tinhte.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
11 KB 583ms
534ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365009433287654&correlator=1766554167436957&eid=31065294%2C31065650%2C31065643&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=3823916%2CTinhte_Below_Firstpost_Threadview&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=2663528008&sfv=1-0-38&ecs=20220316&fsapi=false&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&abxe=1&dt=1647413251122&lmt=1647413251&dlt=1647413246927&idt=4135&biw=1600&bih=1200&adxs=261&adys=2879&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x66&msz=728x0&fws=0&ohw=0&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ba155ce79a760d3b2c9b07e1df693506e249854895efd9c0b0eb34bd02c7c82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10931
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
11 KB 558ms
510ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365009433287654&correlator=411144075262401&eid=31065294%2C31065650%2C31065643&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=3823916%2CTinhte_Desktop_Forum_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=2033351738&sfv=1-0-38&ecs=20220316&fsapi=false&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&abxe=1&dt=1647413251133&lmt=1647413251&dlt=1647413246927&idt=4135&biw=1600&bih=1200&adxs=261&adys=6729&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x66&msz=728x0&fws=0&ohw=0&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7020b1a5e5545b28092a6791ffe0b05544aedf190211e14b2c2db5c92298140f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10809
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 783ms
735ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365009433287654&correlator=2636589639229576&eid=31065294%2C31065650%2C31065643&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=3823916%2CTinhte_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=2358240273&sfv=1-0-38&ecs=20220316&fsapi=false&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&abxe=1&dt=1647413251138&lmt=1647413251&dlt=1647413246927&idt=4135&biw=1600&bih=1200&adxs=261&adys=9866&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x66&msz=728x0&fws=0&ohw=0&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5591b3daad6af265de20f4a9ad57a5e672d367fad48d4e8e659bc2b5fe6a13b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11792
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
33 KB 494ms
446ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365009433287654&correlator=3343171531639291&eid=31065294%2C31065650%2C31065643&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=3823916%2CTinhte_Desktop_Forum_Right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=2492448454&sfv=1-0-38&ecs=20220316&fsapi=false&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&abxe=1&dt=1647413251143&lmt=1647413251&dlt=1647413246927&idt=4135&biw=1600&bih=1200&adxs=1046&adys=254&oid=2&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=292x-1&msz=292x-1&fws=0&ohw=0&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ac28e1764efb4889fb49cc6a23fe7ec2f0ae38159c77fbbc09464f3733feb6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34177
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 634ms
587ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365009433287654&correlator=548712784643267&eid=31065294%2C31065650%2C31065643&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=3823916%2CTinhte_Right_Banner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=7&adks=2661219764&sfv=1-0-38&ecs=20220316&fsapi=false&cookie=ID%3D505bfcd1677e4221-2289cd105ccd0088%3AT%3D1647413248%3ART%3D1647413248%3AS%3DALNI_MaP3lcfHCdFZqSC4jU3_C8wvcbCuQ&abxe=1&dt=1647413251148&lmt=1647413251&dlt=1647413246927&idt=4135&biw=1600&bih=1200&adxs=1046&adys=600&oid=2&ucis=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=292x-1&msz=292x-1&fws=0&ohw=0&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c51fd477f6b38663ed383a9ffd479cd5a900c7f678fd9b44c551bf88e9d73bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9436
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinhte.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 076D 6 KB
4 KB 175ms
48ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 16 Mar 2022 06:47:31 GMT
expires: Thu, 16 Mar 2023 06:47:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D7B0 15 KB
16 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 38376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D7B0 16 KB
16 KB 132ms
50ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 4453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 05:33:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D7B0 15 KB
15 KB 167ms
90ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 588294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 11:22:37 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 234ms
234ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd65c33&pli=kmd9vwii&cmpg=kmd650bd&items=kmd9vwit&cat=null&cov=0&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 217ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd6509n&pli=kmd9w8fz&cmpg=kmd650bd&items=kmd9w8ga&cat=null&cov=0&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 admcoreext.js Show response
media1.admicro.vn/core/ 14 KB
5 KB 216ms
216ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcoreext.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 3153c27085802eefb01b348d02b285449539b7b2217dfe15bc38713cc143b166

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 04:18:48 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H2 200 genjs_ht26032019.js Show response
adi.admicro.vn/adt/cpc/tvcads/tracking/ 2 KB
1018 B 931ms
221ms Script
application/javascript 123.30.242.13
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/tracking/genjs_ht26032019.js?v=0.5023190855365642

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 249.404c725413b4d48c3deaf03e06bef518 /

Resource Hash

4c1d5cf816a4f12151b15e1ae423892aa7dcdb76272cf7a2dcc1c3bb507ab8f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Mar 2022 06:34:11 GMT
server: VCCloud CDN / 249.404c725413b4d48c3deaf03e06bef518
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 playerInitScript.js Show response
adminplayer.sohatv.vn/resource/init-script/ 25 KB
10 KB 688ms
227ms Script
application/javascript 123.30.151.76
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://adminplayer.sohatv.vn/resource/init-script/playerInitScript.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.76 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: / X3-PLAYER
Resource Hash: 2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 2.247ms
date: Wed, 16 Mar 2022 06:47:40 GMT
content-encoding: gzip
etag: W/"64e6-AlsgVvW/MvfywaUw1cv7LgBWh9A"
x-powered-by: X3-PLAYER
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=120
x-content-length: 25830
x-host-name: SVR576R-NPS-16-40-56

GET
H2 200 ssppage.js Show response
media1.admicro.vn/core/ 25 KB
7 KB 217ms
217ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/ssppage.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 095ed2990bb56460546996a4d6cb7f1ac78a77a4aa838580d1b5f4a4f8b10d6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 09:50:34 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 216ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd69fot&pli=kmd9wo8l&cmpg=kmd650bd&items=kmd9wo8w&cat=null&cov=0&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H3 200 container.html Show response
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F41 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:47:31 GMT
expires: Thu, 16 Mar 2023 06:47:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 89DB 6 KB
3 KB 53ms
44ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:47:31 GMT
expires: Thu, 16 Mar 2023 06:47:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 051C 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:47:31 GMT
expires: Thu, 16 Mar 2023 06:47:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adm_tracking.js Show response
media1.admicro.vn/core/ 26 KB
8 KB 217ms
216ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/adm_tracking.js?id=1
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcorearf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: 73efd8e57c3426b6fea6d17363a4d3a6c38bf063b747b009b54e34b2db79689c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 04:57:53 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0035 624 B
297 B 52ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjjs9vEATAB&v=APEucNXiFr2dTwI4iiT-eCjaMm69o2MaBSSvvjMl8S781vrcXIcmDOTwnZAgj7zGwvhbVje354d53rUQmLPuSLO3O71SHYwwg0Mxa7GMm__1MW4rAXH35QgrKSQeEoHSQCAjRIYtJ5sDNxdUUMI8sRETTXbGoyNiQFyYXrsMsO_TGOGao_Yw3Js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 16 Mar 2022 06:47:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 4F41 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:46:52 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/ Frame 4F41 6 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 04:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 04:56:23 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F41 0
571 B 82ms
31ms Ping
image/gif 142.250.179.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWh_T8M_Xg6ihf_qVB6Sk0DGrjV4C5QngIo7KGXGe9N9bVbK1oWiraDQTGqFc4pUyU3Bdl0NGmd2GWoZEahx4aXn5I0Q8ycQno2BiKVBHMtz7piR1riHs_4eDzaMHAbfiGUK8GKSv92mpkAJq_5pDZEw7wWKLeCBeU_Y5ucrlPS4NI0QXA2c2EBADWuoXWJv4MOXgu01cGRFW8JX5rQ-hUsD0Aw9nEKJk69oS4DALNqmlRODvCoK7Aj-h9RgRdWL22qlO7ly4t2QqMUpsXgdCGlM0X0Z55s3Vt5gIXhO_dNJW32Z8rX4vuo68y97NVAnNdLSW4AYOW67tB1Wy0K0HPZP1-S9LWC6TxDAHX9XpYfappSUNgikZpaNxsCl1SPeAmdQIcEFvp_u3uRxz3R9NlRlqWeZxWXUmTRIGIfdYluP0h_dhrR0PlssntmPDPa5tOMnVzZC5u7PM3jiCtBrqGL4vxS76tU6D3rP1PG-4_QX3qU9vKIsiZ7uZbQHm_AM0Ct6oRfyf8RZ5AU6OlZERcj9i2MM8lHHMrzfpDFTodfO54QyM0XhuyTLfaKrI8K5OXQYDI6NBs7Z0d_9RAld-NYkfVKCRT7fxPv3CTNgwKh81x324Yh7k_unSOJ0A8Q8oWKS2OgEqaB2XbcXHiGJJdE-vY3IzwSQBjTnBqNN1R9QP2ozgR71e7sAXkFa0skyNharTqPJdUxPoLGjD44Vwl-0fnFeVjTFLYVqEnpVyAjAEZ0cEfUbrq7OD2-MNSHLGl7W9QmLaLxacyrLZvD1pRUSJlXD51WyP2VffYCg0FOZ-uKHwCAU3snRhWaLYajVBf5NF9vc-X7QOGa_sjbtZPyr3-5RhRkqy_E05Q5r7xB7JZVUxnWsTWHzAc5ntvlllHS4VLKJNuP0UhJpU5kFH9efTCqoNB92vyYYZcDKgfLeH4Y7nHUoQ7ddBCLgORr2o_vDo7uxENdcvb6LTFLoBhR8RBemUnZKeJD7KFgsMcfdfmJ06qOl1mf43tPiECaVRgrkuviBuhJXswp7F3NCsX_iMy9uUZ7ZUhVxWYqTkS1uiwMvs9gErYLetXHlB28S6M8rKJm9aeFE9-RGEiDEoiKoz6XhwJR159SlRatnCjUUAYQnX3M3zdynqeYVRsv4UqOGpQ&sai=AMfl-YQx5HwdbbghPhou5b9V60kWJXw98VdbtIdgtgDFiLyZ7cHydl3TXRyNVr31YOuQ5H1pqpAIMW5p0XdbWXjhxpBWvsoNnHlVw-Q0jWRUFg3GEwyE7dLJyJvWUnv_RfXDKgOEQ9XOdJCIDcHtClqO8WJJ0BSv1rytT2S_a9d2pWRWjW54cHfRLQH4XVi76A1IVwpz-44fZwzmBdRrzI1n0quyCX-Xo-5F1t8S4AEMp_EyThvthdVR65Ddn_RTC23QzIYD1FmV5-_Dp6VHIhj3-mLE5IdRyrUvCFJAq7c&sig=Cg0ArKJSzEg4cJQOc15AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220314.08995&adurl=

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 16 Mar 2022 06:47:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F41 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 10:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 10:21:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F41 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgGxnwxAF_mpiWjPDxA85zDJ4VJT8XkvuZ8XNZtmkVs1YpbhfNdWIDVK_ijJ0XnRQaKRklTngAuSVyzmgQ691s_YHcLmcgMQuLLZslrLFaa7OX0_s

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 4F41 2 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 4F41 15 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:31:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4F41 0
0 47ms
46ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrJBV-y1JZb9Ntpp2gfvWGYU5sySp3S3sPgiw9EdX9EuNaRcYsTFGt0R0nHP9NR6DpHGEHhRYr9z69TZceUW-SR_p29g
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F41 117 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:31 GMT

GET
H2 200 7698746391311927577
s0.2mdn.net/simgad/ Frame 4F41 68 KB
69 KB 141ms
40ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7698746391311927577

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98952174f97731cf91afb6093fea664a2ce5939797f192d1ae4ee003bd21988f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 15:34:30 GMT
x-content-type-options: nosniff
age: 141181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70065
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 14:34:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Mar 2023 15:34:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B079 640 B
316 B 52ms
52ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc4Sa1s4W2WxtLvolh6xtWsI6eXxy7_Wykh-EVJN1rggCn8oha2d1LseYtebQ1Nn3aBJd153fWpvTz9I0ML1qF_thMXZ8cm5UoJ03ek0HqnaxArXleQyvsMsyLuS_glUh6iebwNM4sED9MDIjWmGQb1qbemfnmamhfwuUtP78-OjlS0Rs

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 16 Mar 2022 06:47:31 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 89DB 27 KB
16 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB8stYrq6Z-H1-OAdPc3g1VZKmqPfAe3N4TIQ9d0zP6TcbUGryxl48TZGA8kUYXquOC6LJYfsn7QjLcw1Y8c_r0e0eF_3O1-IA8TM9l5cjf6r1hC2oFAkEaSVKQ2EmOFBg_vBViwUBrIUpCS1rMsASvr5MNQ&cry=1&dbm_d=AKAmf-BmBRca6ZLnSA9Du1rz5WShdZJqakRzvZvGgVFlFAR7h4C3r1bb32a4nzhFRM1owkBOj_2grBDUAyHQF7EHFEPe8-cMypjyfPQYD9SaMFJbHCJAmtLvREwcWFLmBiAtwFDEhS9OpOrLvIrEdo49kSkJC6Imjk8NNW4SFkffJu0l4Ge49wNRD12bXImBdVvPFv9GXsCAZE3BDeK7STLGgJvaJIhw74ajr3uo5mJAL-qLPfn0_L9qfUJ2LgQVsJ-caW2xHfubrkuO13YshmRVlPEh0J1kSiic5vsqkxE29O1kLICt67ESiEGZsI2Uuf9xpL0VE2tiCB9FTS5UUk56aLtQj8gkvUHYqSyzRAIvKHuXY-ruQWHVh9cFmiy729dLxIarKeiH9bSQJ02zoedUofhnrhXosXy7tT5qaKdu0PV5Fsu3AM8ZjZspqUk4wjIf2ACDfXAgOutM9hWSUoRo6N0ShCJ4ggv9r_R6twLVLtQ4iQf-0J51__hNGgxKEGgg49bCu9Zh1yrj7z5KkALTbarN7K6IEp4Q10OjMjZ1SoQ78vqrkQ10JBZ9YCKmnhJBKyweSOB2FkbsnrE5UBYk9uy5OetcYoESr5IVTl98b0jIAT_VpxWHEck_tWnc2hhWmckcjwJ4_dcJjMWZ5UOaO-ib9CtD7LekC70P1OrsRsErX2Tjx0cY3iuclNCrVgkYV2o85eBu6x-xlgxgWhfRLvSrL3tCapcCBzW38b8p9Fxd9h3IfIOIzIQ23XSiN0AYK1HUSGZm1prE4VyKmHRRlOwG46Ff2Tpf4yxlADmhSytLS9UNaq5w_7zN27zRY8uP5ljK5gnZbqtXK5gEV8R3ds-SmG2l_QZMHczXTob6rVVJw_Gnj1eWsFaGC1xLNSiETYb1nehlzYUIR0OBPx6bSZx6iE7vSKkT_XQf2_M5yNPIp7RMGroN3xT1YZRYJHS8e-LGp2Hod1-UHalAY1oe7hUG5ZduHzFhIgEQCUB8yiP-lxQYXzkYCfC8M-Y4rK-pc30rTRQWD3ZBGHuzAADnLD74xPjUcg8xJzjxhb8oblMN_00x4d8sTj6XEYYS2KhrnSuMlWiHzZ6uUqLdG2Gr32bt_0jbkRe7Ps4Lh8WyT_UkXW48ZcTJxWDPLPFoafEnKoa7cuEGjkhvwojwYnnEWj8HK0LYeXWS9miO4svFSYEriMg7W9fZaJpxTQzyxOwhBS4EgdLng4qPV6zUP43FIw3cb8iJhQq-T7CqUgtkwJupUHbjwHxoxp3fgrO65fVLVzeqlPBBbSirfVkn46sgqbJyP7CPmoUJt1X5WFNo73Y5kGqwEUjUkpLWWnLNIUh_dcTOoGtI2mecphmgtI1QF-V_AZvgUlhynkUNePk-Ft88A3keasB7YClO11kcKyf1RNUoDQ_UO7iRo9RHWayDlvSqpkrFgaSnyU_8VKESPIv7CrJN9P6HLMg59dq7sxZg5MGNHeWk8zSkieMUEdTbrH4RyT_qTH3B_AlsVUfnYMKQXJfl7IytxZB6icp9VbD7VozJ_8KeQejsGS0mheYKCQVIE-K-xcGvxmGgjjPZ90tS3c1R1U8vEBIpzKymNBtH8XgtQfBOy3UiyGQ-0gHR_YzDMa2oB9p6rTGtf4bTrJfYQmZlFIz4YrWK7pNOoFbkZu0nSo7dQHe8p55N-fNpzK5X3fkW2SG4YWLU6onMFlbT0MD0iUJHU97DIUxXJe0ucVXsA779rZnefdIWajk1py6HOfusO4KYNOd5_94KcOtyQ1rceIhwmp54hue9eKpdyjV-H6lbsruoL3jnTdbo9PE_Z9mD3OujzQZjNg6kA0YI3tBTP0Ufwqq5755vZ1INcC-WukLKVejuIc9FEObdcRHrb8JSfbKEZKDRb9rzEkI-hsR-0KHvvsBvoFKJQkCvVcnqb2Lns6nwZz_f5cyEP8OWe76r_9TXwq2kX_gGvQrs3hfEd9NTFaSTrZfTJvyDqX1GpTGNdSKrdL53_hTUB7yQwRTxt8AtVH2vBde7PmbS8pAvKAbM9AmtyPnQIYRTAJfk_xi_9FcGjyfjkmU_bI1NKXvDl9Uae3mEZXzczoBOuIB8rWUp6tabfP9bvvY2wessqn1L4rLPTfflBpn-D3YUoBg51_KjHjtl28jxB8lYsw_vsnLnjfAtkKcd7Tx2eeLi6NbaQRmuPZyT2lhmz3_qLPlVXHXF3piomDo2T93FjmcgDOkUuvQ5Ywz_6Cxq5txH_xL6wfQSVfrONEc5imZsgTdT-O3Y29H4dj2Y8NMTneBmwWCCS6H-nAtSFAb4oTmjJAtHaIUBIgzvrY9MlyEcnq5lFYo5eUsF27RZCiZgZ9qUWuUerOa78YTh8j03cff0sZ0O9j2LQdMXIDKLQQTutZQ7zC0MgkVmBTdxffHwMkz5SfyALP-iimDS4bGHAmpzVSbx9dIGYZ25fk5mGIu8Zd5j9Rn7S6cq0LV2jJREPfarE3JuF2FyDfyZEZDpO7mcjkEmBwetYdgl2qU-_8o4QMP53R6MNq5zRQX5g3Dohyns2D6GgoULK2oB8RLiKaTLaQSbWbpda-crEyel2ugRCy1zIrcUv7C8z1XJo3s0KO6qjThQ2eRgG3K7lUL2-oXsCeoQI6RBoBmwtqal6Sx3FUsEttkJ7rmBPAMlMZWeOvgeP-RJbIROdjIv7nFhgHrPS4vPuRML8bwwoQKEAX3L2xr_umnJfaolzkvM1Lx1OErf6S_hyDGP1zxEuxr-f7AifBxbT0bz3IBsSvOh2_ix8e0m-Gv5t4G0slUAO7948brFSr8JAxNG_B2NwRTFjHBthslMZYe0niJh3iv__K4mYecD80MryX1dNYFDmteJc0jsOLN5SCH1ffrF4TUu_h2fqUthMkOsfaaLnBfEWY-EvrvRydinvjXNaPD6sFlC8P86t8t_ufMB7i6kjjfrYfa1469I_e24ti4oViF34LoTCdvckz351dBGPni6VFTERZd59gXwLJQ90g_ggP4RdmFOUq3lZTfeSc1jUUGP-Oz4DA9je2Uvv0gQq2jwdGap3ODyPDh4TjYQ33ibgHYuXOeVvlkgkONd-hXU53JX6vFYs8-e5qev8znc52XLgVNIkZ3iFxsbzmf8nNSVsfLDaKFLR4HLCiJoooGI5U5nbgYmm82AqNT_-cwb9YK1yLTSAUY_lBqXfXnFCmMyWnRsBo76vewXAPg-oCiY822SgGhslnfB6fZc0ek5nPN3M2BVT3a21LUvC5TlcnUXQIzUZTxEcsyicNcrc2nNYDTjQX1ug9sylNYFcUDIPY8un1PtjnkWkoEWtY2kfR_2R6IZAevHKPI9OBAqK-mTxXGcig296tFenSNowSAVoBRtwqDNRvpY6g450ICA7GgEZWZudzfZR3HR&cid=CAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q&rfl=1%2Chttps%253A%252F%252Ftinhte.vn%252F%240

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eef12d2d2f180da68329cbe901d36b2bd6b349b015c373b1f972b47f8daa2410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DB 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4RAIsx_uAoYDwpp3AA4ZSqg4UES11VHF2PHVEz8TAjuDjQnmNXhuG7NlzYvOQWtGHAlSsTShznx35Qan8atWSO6ZcuAsC_aMo7JRSKSmrt9AupkE

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 89DB 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 89DB 15 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:31:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89DB 117 KB
36 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:31 GMT

GET
H3 200 container.html Show response
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 05DE 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:47:31 GMT
expires: Thu, 16 Mar 2023 06:47:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EB3C 499 B
334 B 55ms
54ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVJQVSiZEudgwARTOR-2wBtHnNpZp_SpAgeCIWVQnlKkelIaBD5XuYC9WzisraUmntByhlNqcoKfXozdPpVecE52wNnUCpVHVwq1-xxZs9S8mkQ5F7MJEBbepjMG5XFoNQo6fosDSS6mwstEVrs_Xr91xfptX5cpso9VxMkzoSKZnXiVqI

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 16 Mar 2022 06:47:31 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 051C 27 KB
16 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aetq0gBYYBpQMsic_nvz1TfFUNdyn1S7FYj1uWxHPJyQjh-L-O7boT2yAFcASMJCatWzg_2h1Gbm2UTotwv2zoPulVd6nJbNZ6Sc8LDnwBhDX8940zAKbiGo8mg3nAvzf-hSpc7mffd0feiUQckdoo8XD9bA&cry=1&dbm_d=AKAmf-Ch7nAfWdX4seLtyo9JqOOTcpn0KKz2xqdRcuGJgwLXWwTcoCPyOljQDgl0W-Kdrfr1o83Z0XeFgddDxkrxIxj71XJlHrqtHiXzg4Thc4PzVjenvtEesvkFARPMVyDXs2jDzg7eQCIs-6RSTPzODJsSbxuHEclEZkRrIEoTBRXMIyj3Iz7iUv2fwCzrOSeRP6tspsZ9IuE-RP3a247UqpcYKxX2jiGNJ2CfTVvHWylUdXgLhwEGGEjWUyYEQm0434yvz62vV4oG38M_DDyIbLhY4bVVCH3MrN7GoGhTUP-0qLe2ewNb38QXs47OCzas22vTB7Z1o2p6fnCcDYPYmk22UwtsJ7WdgXwiOOhb0Aps3Q04dZ0fSUmeUXx1Ktf1z-BO88V0czhOSyuw37EJa7pA1jtprzC0fWvirBC2-ktSVvkNrteCXfdyTTrfd9UuSptn2xkhVFdEcqctyyoOX4GOn5WNEpNqHayA7vtzbxr-JD2KUFREgvSir8KG2lXibI291cY5F0dGU-p-hWAEsaG18UwAB407jEtTewPw5Upq5CSWmFGDkWVuXU8xWhgYjaML8qBMzSxTxNXwgBsQ84cNW6zxHRkdwAAaIxwE1MtOp6MXQ-ZY0zXOgxCK4qWf06luenChc9Qd9u1rkRWUp0NyJEOVcUQx0xJMJA3REGD7kBtRWwivFgwxyP6glqJm9woZIBvC1j212p7lVQ2O3N7XEAigIssWHBjzxSedknc50SA0QMh4FmTnGY9Kf438ZVzqMg3nb01u7fr7tWBL-rWHFwLikVZ6jSNyqig39yxXKpkn9P_HOjQwpJyoHH7p35627y6Qclz3c53L-J3AdbkATfkfAXUMb9Cvt7XMJ5nscdnfOXdXt0cT6-_NnVkJYyFu2zCPI_Tjs2cXeC7QTjpTc4pgZ57IkqFYANc44rsry371bZHQRxCDdcWy1Bas0LLuNIocX_a_ZwzKWaSuPytZsGvM3UGvCjIQZu4g5OLr_G4rPPSl0iFoHkF44j0K5V722txx_i2svtN9NFn8IE3uQDo3o2LuMSY3Gh19X8rHRoL2NZSFopC8qTBaTrgMPQzvB8Kiw4MZycmWZWIgesVDloSztMi3lGa8KY5NZ89yFoI2pia3gndSG3boAwsIEGSFnoybnRj8M8ezfLp3W0okTG4-TJ9IivNeUirQHo-cRhv6XnIWQVPGVO78lscYI18pz08tzbVdPeZed8aTbnGE-495Js92umG3cqjtHY6m3L5Xv2Nt-SqyQa9XEuImQRSOr8MLBUUh5uogxgxelOEiXoYHwo_pESuSPHD6X-vBF_pexeBlpV3dT28BwVE6CaO_YQWpT6OZyvrYl2W_AN1OU5PRdGEpaMPTde6PI2q5dggXOardsKzzgqXzg_n6pzF0d85M7UuFGgKgMWLHLkh6SF8Lk0HOEsqfW4ruYRBwPk5RkEkX4KuqLEPPV_iVwvg8wP5i_0YMD053Mzm_hk6z-xHreGSXIqM4RJi9P3Yghr2CPleP5Bxe0p36aewGl6OaaFB71XvZsPP045c0DJNxo_Adxyia5V7cdlLvWtcoCy3QGkUrasTFt_62Izdo3XwBaphK_P2J2QEf_1BAxnIMWusxyBFRuv-lqkPXPvUCwCzhImKfNJMc0rWikzMTqv8wMkH_kV0FRj53E2wlW8anx4QSpTkazLNbAVX39dNUUKS9r7wtrq-FNCqZyJSoltiXj-dBneBtI5dtM1mkXQTXBkldBEtrum-3RRQNglllj8ZJexxyjg3c-F6LJR7H3HfJvC4Zop7kVMPLeAgWW074nWx2etHAAm0PxgOnrKpBsEVzXxAW-8Tvhuk4MEHjOBS0ykklgLJtL7nBtrYMsOxJ4kgXsxdfgpf3O5-oj0a49PdorZ6pRVV2KFEFWoBCLa2Cu8pcP9tT2nF9QfQYagmpWUxfridlSt6NRrDYyZ0NnyAhYiOFCbZjLyPm4cCYJIQwzz1pYS59pzXJwBEN8jQ0GuUfy9aj12gNhma5-SmwIoHB8CsUWSh-w7SDfd3qHXH3_ujfddfs8GpK3w64qkUQ27T9pAfX_w_u1n9M8bZSPFpBAqmnVHcIuS8Qt7hfbv3CfBwLO35T0vruwE2gmXH34mW_oJ9IohYFz6SiOOwmBhUUlc1jbfCc_QgXRX_LwsVs8b8ssDT2IuHhtIwXlghr6L6OACEqB7mEQiAQoQXf9Wt_Q9oj9o0fI_85ncfzAA_FQN9SlSbOTi-QHGQOX0Ol7sEztGeLwRUwCQD4eCKISKQsRl-4NaSbTPVQ7s9p2X07gewwNMomJdFN8dY-CcWGqS-0KOKa9SyvdgqFjqekifepCvGkhrgZYfwZcqdcAPlouG2GDaZ_FV7lsQeGnx9M-vPGd9qWrRPd1wnejchKzXCuZr6r1fvE-cpzXFMtO94mZHTxYdlnad86VOWHeKZ1OiFwJjrmVt4_4euEa291Ej1RfVbqVj2dVnqYyRXoCK180320wPJi6tLTdEzul5OtZS8-KSHZtx2sDtCV95JVXWIILJBJB2EoRPREgChnF3ieedTnm8WS8FqAcFuJB1A5s5hiQvrcBtNkZIDah5mDusRJzqmLWWv9BiVQxzf9tIsJRi8R0raJgEkhsDmk8JdWNvUq2uf6OlnuyjWI8bcykUtk-78QwIRyyrmKAXSs-pGNE_0LaOMDVdGkIrzQlngmMqRo3mu4zYNw2B9NAEUAHGDLObcaugvg9Iy67ylSNRtvJEPy7uXO8U9xHEMpP5fr46-JPIZC9p5PL1W0nwTwkDIgi-zm2Ln2NJQPm_ZGKFgSyNfA4c_A3_hGKMSwIQHg-vOo_eaOHbzlz-HOvpgNa5xjIMaa9RbB0hgpH--TQfbhFqcNaBep2mWRI5qNHdwD_cUp8fJqpYlHll6Ryq2xvDBrZehMCj6A8PpXibKofP-lSrC6TBf-mmhntn6wJrNTw4mwHcQs3ULcYCeRAleiUAamT8PNd-vVrtUfr-LJBi7TWJsh9fUFrG846tsKfDuVcrQ-6at1rof32Qiq9uI1urTS1s9b3kzAdQOKvkgQwe0gAHspCm3MQllCKjp5_KkuP33Jn8CYuXGSeBKCdsav9hOcMWjwb42DWV93tqk-ByiEQhkO-DwcXNA5jb-zlhIVsD2NyBYlgTlNtL1AC9QHJwzXrIuEPjEZbspiev3pTnGou94B85qme3zn7qTRaDfDE9uo4ZsfweBRweGDO-8TsxgISTl7akBb-vjHkrTHosu-LFl1mC9303KxuObqu4bYAym26DcD9lX7icEqL5Um6VUT-4LGz1IfVa-Ap39HqOpoHoQPvSkoyhu9MkW_kvVOSxJBzr0KgPwhDkLSLipZrlWgdffKpG18mXs643aflZGN3Ngh&cid=CAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg&rfl=1%2Chttps%253A%252F%252Ftinhte.vn%252F%240

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb37fbe4c60f6077fc93505ad01b0c59ee1f0aa258555d83248197c6f15efa1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 051C 42 B
63 B 62ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BD2wMuEMbEzHHKBXdYVA8revhYbAfWpRbuOBvhGlIv_x_pi_JxveA4YCIM5UT3UJCiMzHaamRkFqptAjHb1s1mZ950mru12Xh7nqrg4MOiMTFXjEI

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 051C 2 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 051C 15 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:31:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 051C 0
0 51ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRZS22lCssZLfdwn548Y0KRrGrPhwZixg3itquqTSul0tCmKqzrGWyMxf0zzxFsXZxiRIqDZJMYIwlanat2pc8_PBlnA
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 051C 117 KB
36 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2090 22 KB
8 KB 15ms
15ms Document
text/html 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 10:21:01 GMT
expires: Tue, 14 Mar 2023 10:21:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 159990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B24 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62479
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4F41 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abe98267d83b989d8b48884bcb29c2d58538eb70de942e5ffad5a6971d19a433

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0035
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1

43 B
1014 B

61ms
49ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjjs9vEATAB&v=APEucNXiFr2dTwI4iiT-eCjaMm69o2MaBSSvvjMl8S781vrcXIcmDOTwnZAgj7zGwvhbVje354d53rUQmLPuSLO3O71SHYwwg0Mxa7GMm__1MW4rAXH35QgrKSQeEoHSQCAjRIYtJ5sDNxdUUMI8sRETTXbGoyNiQFyYXrsMsO_TGOGao_Yw3Js
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Mar 2022 06:47:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0035
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjGIAwatHlVODEZs3tnuaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1

43 B
1014 B

32ms
30ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjjs9vEATAB&v=APEucNXiFr2dTwI4iiT-eCjaMm69o2MaBSSvvjMl8S781vrcXIcmDOTwnZAgj7zGwvhbVje354d53rUQmLPuSLO3O71SHYwwg0Mxa7GMm__1MW4rAXH35QgrKSQeEoHSQCAjRIYtJ5sDNxdUUMI8sRETTXbGoyNiQFyYXrsMsO_TGOGao_Yw3Js
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Mar 2022 06:47:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFuVeeZBC-8aXGcsRE8J-Dg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0035
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOjtuT5HACF2t4v8wHfNUAk&google_cver=1

43 B
1020 B

22ms
9ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOjtuT5HACF2t4v8wHfNUAk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjjs9vEATAB&v=APEucNXiFr2dTwI4iiT-eCjaMm69o2MaBSSvvjMl8S781vrcXIcmDOTwnZAgj7zGwvhbVje354d53rUQmLPuSLO3O71SHYwwg0Mxa7GMm__1MW4rAXH35QgrKSQeEoHSQCAjRIYtJ5sDNxdUUMI8sRETTXbGoyNiQFyYXrsMsO_TGOGao_Yw3Js

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ac3d3ee5-b3f8-4d90-90a4-83d188b686a3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOjtuT5HACF2t4v8wHfNUAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0035
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwOTEyNTY1NjMxNDY3OTk0Ng%3D%3D

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwOTEyNTY1NjMxNDY3OTk0Ng%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 677c5c70-4f5e-446c-b2fe-0b1cc10e8985
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwOTEyNTY1NjMxNDY3OTk0Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tkm Show response
lg1.logging.admicro.vn/ 447 B
933 B 220ms
220ms Script
application/javascript 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://lg1.logging.admicro.vn/tkm?ui=&ce=1&cr=1647413251
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: f3378fe46260af6db69f15ecf07deddc08fdae31ba4b56a33be3bf395448d016

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: max-age=300, must-revalidate
expires: 0
content-length: 447
content-type: application/javascript

GET
H2 200 bundle.js Show response
media1.admicro.vn/ngvmfg/static/js/ 45 KB
14 KB 216ms
216ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/ngvmfg/static/js/bundle.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1 /
Resource Hash: e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 08:39:52 GMT
server: ss1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 16 Mar 2022 06:57:31 GMT

GET
H2 200 genjs_ht26032019.js Show response
adi.admicro.vn/adt/cpc/tvcads/tracking/ 2 KB
636 B 709ms
222ms Script
application/javascript 123.30.242.13
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/tracking/genjs_ht26032019.js?v=0.2738622624099609

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 249.8534acf9682d1337e1a8e5ad65d5957c /

Resource Hash

4c1d5cf816a4f12151b15e1ae423892aa7dcdb76272cf7a2dcc1c3bb507ab8f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Mar 2022 06:34:11 GMT
server: VCCloud CDN / 249.8534acf9682d1337e1a8e5ad65d5957c
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 ptkm
lg1.logging.admicro.vn/ 35 B
467 B 219ms
217ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ptkm?mdl=undefined&dg=167fb43a198e7820074acf8acdfbd6be&fl=0.0.0&je=0&sr=1600x1200&sc=24&hn=tinhte.vn&p=%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&r=&g=0&ui=&ce=1&cr=1647413251&i=s%3B1647413251858%3B0%3B0%3B1%3B0%3B0%3BGA1.1.1323063238.1647413248%3B-1647413246176%3B10%3B371%3B365%3B369%3B0%3B1617%3B4556
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 page Show response
sspapi.admicro.vn/ssp_request/mobile/ 224 B
496 B 745ms
252ms XHR
text/plain 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://sspapi.admicro.vn/ssp_request/mobile/page?adslots=10171&isNoBrand=false&i=&l=115&n=&u=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&ur=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&isdetail=1&refer=&bannerlimit=5&os=&brandsafe=&lsn=1647413251858&dg=167fb43a198e7820074acf8acdfbd6be&lc=115&uuid=&lan=
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: /
Resource Hash: aa2b7ad8235fa3238c0dffed231a804d1a32914c57c23711b4488f92a9514846

Request headers

Referer: https://tinhte.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With
content-length: 224

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 218ms
217ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd75j6t&pli=kmd9xnif&cmpg=kmd650bd&items=kmd9xnio&cat=null&cov=0&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B079
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaBWx6xiIcrvXIILh1qru8&google_cver=1

43 B
61 B

41ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaBWx6xiIcrvXIILh1qru8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc4Sa1s4W2WxtLvolh6xtWsI6eXxy7_Wykh-EVJN1rggCn8oha2d1LseYtebQ1Nn3aBJd153fWpvTz9I0ML1qF_thMXZ8cm5UoJ03ek0HqnaxArXleQyvsMsyLuS_glUh6iebwNM4sED9MDIjWmGQb1qbemfnmamhfwuUtP78-OjlS0Rs
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaBWx6xiIcrvXIILh1qru8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B079 43 B
305 B 60ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc4Sa1s4W2WxtLvolh6xtWsI6eXxy7_Wykh-EVJN1rggCn8oha2d1LseYtebQ1Nn3aBJd153fWpvTz9I0ML1qF_thMXZ8cm5UoJ03ek0HqnaxArXleQyvsMsyLuS_glUh6iebwNM4sED9MDIjWmGQb1qbemfnmamhfwuUtP78-OjlS0Rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B079
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOLVCF8-YJrNGnjuzbRLnHo&google_cver=1

23 B
172 B

35ms
33ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOLVCF8-YJrNGnjuzbRLnHo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc4Sa1s4W2WxtLvolh6xtWsI6eXxy7_Wykh-EVJN1rggCn8oha2d1LseYtebQ1Nn3aBJd153fWpvTz9I0ML1qF_thMXZ8cm5UoJ03ek0HqnaxArXleQyvsMsyLuS_glUh6iebwNM4sED9MDIjWmGQb1qbemfnmamhfwuUtP78-OjlS0Rs
Protocol: H2
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 16 Mar 2022 06:47:32 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOLVCF8-YJrNGnjuzbRLnHo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B079 23 B
172 B 90ms
31ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUc4Sa1s4W2WxtLvolh6xtWsI6eXxy7_Wykh-EVJN1rggCn8oha2d1LseYtebQ1Nn3aBJd153fWpvTz9I0ML1qF_thMXZ8cm5UoJ03ek0HqnaxArXleQyvsMsyLuS_glUh6iebwNM4sED9MDIjWmGQb1qbemfnmamhfwuUtP78-OjlS0Rs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 16 Mar 2022 06:47:32 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 49E0 363 B
227 B 51ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYtqjQwQEwAQ&v=APEucNXX_bgei_n23eAr7733oJX7cNTl4HbQBE78sUqE3B0o6IM8OURtLYYX-D-YTSnFx_XeQV00LdEOAj-Umw48BFE5ljKfHczZtvCmT6eTaGn-hZYbdBpF1nSbbEDQgO1f72J8f4vdv7jhvEk9zfqm2IaqAs-GpuBF9U6C6EBc_iEaHA6uMsc

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 16 Mar 2022 06:47:31 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 05DE 87 KB
34 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9KWhTB_e_Yj4FzjBiWAZIKC14YO60jbOiJaBaWQOJsRnVH1P57Vu6CxiotwCpA9dDJXWahUroXVm8OE3R6dfvWy9foyaIKPdbcaBgzh754wlRZ8OOGV5b1Z9_f89wXc2aaprC5HmoCChk--teSABJ84d0lw&dbm_d=AKAmf-AlmbTTQmx195U3yVrFDEeHBCTnf2lskeWF55Wa68Z3HjlpVvFwyEF3SgGtirrpUq7SbZsknFCAQq5ySd42mlmL68qP5KS9ogvRwvIzP6qaffa685DmrygSvEsqAsudfmZh71mqkeSkfDKQaZdKbmUoKupRvCwGUpHQNiXEfrLqO6gxm9Y6rIt0QfDclV9c4Zcu_1j_ZkE_-o_3fWGRtyTsARCMXz4wcxtBTQtrKzxd_1o1fIyC4iyGcGk8WW7K41-WVgemiTN_o-Yx68GQfHWShuszuRrBdpX2rxv5WJMooOxg7GRW20IM5SAs8Zd-hw7tewaOvm_pQ_mE0lDetddm-LGrYIZ2YwlL8ssWKpiREmQNbkSlktfbvQ103nnbdlPAsvzSTF6JJwGqy81b6jUEPTEQ931PWwPOUeruZ17lzojhYTAjmtDAVuRZBHJWvghBtEDjSYCK5vcqX4RXqXA8CFbOvAhbIO31NSG0RxrHgFBUwffrgXQI5j7sCm4wiy2RgdJbA5uhE2dqC1Lr6Hz6jAl4RHibXU7a4Sxs_5d3n0n84pW_Jyqb1cFUSHhZwaw5dSC3TRbMk2HxOK_EIEfPwRc4dt85eRBtlgiCbrEmohcISkhzSQhfHzL9wkAgyHSufQNK1JIebD1GsK37vZeBtVurGNg27xGbF3iBhMVm8upSgwMHYPsRkk3iwl6QT588fyvLdhJR3XuFOyTRWx1oC7ysw3GT9wcnEiGTKey5ftUrs_hvsSj6wCIQ7vlOUDSTTeJidRP5uKmQINhbmrgws0OI_VQ3oawCMly_rCvRC0_vs9L_tZzThOw2MjYsiJzhVtIUGJeBu4FhWbJQf_A_cHuhyttw7P0dNoHwzAGhWOAQQXoae3QKfnGOVsrTZww1kblKer2qUv6Vg6BGxsyJgksb63d4yiNCeF_9aKxvkbnuEx3GxDAHqZCQD-L3teGCl30aDt0PBF_N305bftwKgvluFthZTI191w9Gw3ggbz26QQymVy4DfWu74zTzu-FS-QvJ0ZiwutfiIkhdbofnAgNKo1FHG7DnuhdoEc36wp0cueC1iWuWpRb8WzyuGAwz-I5cIGCrZBh-Q3Tsyh2mljFxiQxLeA3X9Wd28wGLhhqybWe-y72OA82EoXElqI0Cxn1oIE66LeqzTHOzRi_0ZCX-rtbOdKfN5f3QkIsL_zMzije_dzKeLS48Kh5-k_FOKdcsglQIQZrN4Iml7BlXf-dziu_9jMqlGBVIaNzEBzprdIBLN_YG1bf_8SUsohpsFWQghhwhEe5KMFzL25V9fwRjVEkmZTqqAGqePXexPrd098lhVDgPbKoaoW-Gmie4Z8PSHdAOihiR7wAF3PfrUbO7Vw8NB24GSygptVcA1tZ3QpYmHu88D5WDOtfej2TFeso9rR_RdvjaQco-P5GAn3xVBSA8Stf5i1BYYZjyrD2iK7KaWF-Bf3dhyeJTtweEuwjuXWVaYBNYTcGkr6kssfi9yTTxx32rvjzeciYE_uTAX7n90Z_hqpiwa15GE9t-YE8aa6P3Qt68JIOgHoV6juYL0mHsDdmTTl3RKBN1nUYxaDiIy-V-7qtFgDL1hRPsvL5tHd82_p041OTv1Ig_ay8i-SBJQpQUcoKc99rUvL5ez2IahQZ6RjhCP-JckejCOuxixoVbgFphGQlYksELoNsz1DRWdQOX02WIV488pveDTeP-qOe7tl8LrWC7ZmTU5TFANrl95MLzQzKIW7JxAQqBW2f_H6tAuLH2xYJXA245hBPwThWutV_TRnjql8p2MolwMurLyjAWSVadS6Kytfxy9Gp-bwa9JvHm5MQcx5e0ifYJjE4T2CypZdoGsW7TSxyKXPnqN__5NLrnaRwmW1QYR5C6a32yMAi0vGOPivHN6UB1S_E7cMeWrMUTEUEruuMJDax-gPG0Gdh5PqD9FxlMOEOksM19q0aQZaY8_fCFRP0qetYwk2hF-93puxqQe_Y64k3mRyJxIfMWsbNApqLJpXHssnHEU4ch9XVGxM7lg575F6ggx_x3CGZfWy7AeJfjF6ZkaH-8hcDWy54TBH9TdhOoWmbC1uNSDS1jFP-Vv5GsPMCGq0HvFFC9oCMsMBqSIrwYaZJMYw2lZjxCGtAajfjhKwgAK_3ug8KQ1lz4PSV_2wB63toKc7-jnW9BMZecX5webk-nPuxZ_B5EC1iYYQexz4c_a4RUwLC6lCu7C5_nEbXFsRLljbN_0BVgJtIsDiHGdfbjKk1qs06UqMhWtzMy3GpseypBPTI-jhxSMf5znKsV4cZNw30P6ijvd_lLDn_gTf3xojkkpwEMAFTK2ltxxRZxV45F6rwG51KjoTGJJ9zJN4DSGRo8sG_v6HEiLRLJEJuMwmiqOH7m1quwwlDNGGbB1EaWesnPJ_xiy4_tgQbc_f8g9KpIQBx_N-AKlMKI2DEoylMfH4dqaPoBcgxR1zTZT7TA55d4SVBqxc-f7nGuk7ZLITdSgqS51vjnJXIOUtsxJtXWXs5KcKANIVaxl3ihvywfg06wDpGYIclt02xz2UZehJPRuFuCD-GpBx3RyWgn8qJMLK9zNFKNU5i8C-0MkTQnrUW3z0_imCKHEzWFAxB05DvhUwVsShh9cVLCI4899t-DHmUpEC8gF257DMbHKl1icTcF0-R8GgTOKjoiY4Rnty6IOUGwq9gVgiPiNglW9KqM3M2d1ym3wZ34VKqu0LsvKzMBa4Sb49Zmmcdh_aXCcy0KJVm3epDQIfdczn5pdPZDazjP44BeeSzHLDd_1K3Kx5T_3BWWIlB6PkfHkairrLObPkUstPnLOG3gq1yttcatc6mVZM-WHAA6eS7D--r6foyTblw42y0Z6BwkIaAkGIV_nMic9uM1pK5dXU_VfdxbpVn5J1SI92LKcpxY7I43keW1AU1FRcwX3c0-KDcmN9SHbIFhPI8am-qEnzusj84RlYtP0OkvFAcZrn3LQBS6ekB5AR_4JXm1dPWAdhIPVHaijBYZE35KEuSCTbqPZmDJv-FLMq6DwKWz-CoDwNE0CgrusXySURD5KZviFsl2TZbZxLn5ztnjgaaLpcsQNocSzLgdzw7GZv8oymSwkUWba16r8qEX27LmjnUESU9nSRD23ZFnjVFf&cid=CAASJORotL_EHzQYBP6l8bKN7Zcrn-QOiOBKzaZsahSIksGyFprZBw&rfl=1%2Chttps%253A%252F%252Ftinhte.vn%252F%240

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ae24aa1cddde31430e323dcd8376e202aa0e1b3090345656ae63a488565a40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05DE 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLxqbZnXj1Wb7aP5f5uhAGOVCMU_tTBaVES4WIwMTz4gKoqzsTILDM6UvhjHGYTQCHB4pmfxpvo0F7acrAY03Os981lmlk8fvBB2bZiOa7b_bvap8

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 05DE 2 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 05DE 15 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:31:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05DE 117 KB
36 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:31 GMT

GET
H2 200 v2 Show response
sspapi.admicro.vn/ssp_page_request/pc/ 1 KB
1 KB 671ms
226ms XHR
application/json 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://sspapi.admicro.vn/ssp_page_request/pc/v2?refer=&dg=774e265a7903b2f677dad103aacd5a10&cw=1000&sw=1600&sh=1200&w=980&h=250&i=2574132493117783970&u=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&l=101&ads=10168&isdetail=1&lsn=1647413248338&ce=1&lc=115&cr=1647413249&ui=2574132493117783970&uuid=
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/ssppage.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: /
Resource Hash: f79a04353155744d66c819b48177c519ad891e7c11c1be87b6db41c70389b0c2

Request headers

Referer: https://tinhte.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With
content-length: 1182

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame EB3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIo5pqTF6qFABZT8nK8xNKo&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIo5pqTF6qFABZT8nK8xNKo&google_cver=1&__user_check__=1&sync_id=f45f66bd-a4f4-11ec-8161-10ffbde80306

43 B
548 B

18ms
17ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIo5pqTF6qFABZT8nK8xNKo&google_cver=1&__user_check__=1&sync_id=f45f66bd-a4f4-11ec-8161-10ffbde80306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVJQVSiZEudgwARTOR-2wBtHnNpZp_SpAgeCIWVQnlKkelIaBD5XuYC9WzisraUmntByhlNqcoKfXozdPpVecE52wNnUCpVHVwq1-xxZs9S8mkQ5F7MJEBbepjMG5XFoNQo6fosDSS6mwstEVrs_Xr91xfptX5cpso9VxMkzoSKZnXiVqI
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 25
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEIo5pqTF6qFABZT8nK8xNKo&google_cver=1&__user_check__=1&sync_id=f45f66bd-a4f4-11ec-8161-10ffbde80306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 12
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB3C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjQ1ZjY2N2MtYTRmNC0xMWVjLTgxNjEtMTBmZmJkZTgwMzA2

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjQ1ZjY2N2MtYTRmNC0xMWVjLTgxNjEtMTBmZmJkZTgwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVJQVSiZEudgwARTOR-2wBtHnNpZp_SpAgeCIWVQnlKkelIaBD5XuYC9WzisraUmntByhlNqcoKfXozdPpVecE52wNnUCpVHVwq1-xxZs9S8mkQ5F7MJEBbepjMG5XFoNQo6fosDSS6mwstEVrs_Xr91xfptX5cpso9VxMkzoSKZnXiVqI

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjQ1ZjY2N2MtYTRmNC0xMWVjLTgxNjEtMTBmZmJkZTgwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame EB3C 0
194 B 88ms
20ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 89DB 25 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB8stYrq6Z-H1-OAdPc3g1VZKmqPfAe3N4TIQ9d0zP6TcbUGryxl48TZGA8kUYXquOC6LJYfsn7QjLcw1Y8c_r0e0eF_3O1-IA8TM9l5cjf6r1hC2oFAkEaSVKQ2EmOFBg_vBViwUBrIUpCS1rMsASvr5MNQ&cry=1&dbm_d=AKAmf-BmBRca6ZLnSA9Du1rz5WShdZJqakRzvZvGgVFlFAR7h4C3r1bb32a4nzhFRM1owkBOj_2grBDUAyHQF7EHFEPe8-cMypjyfPQYD9SaMFJbHCJAmtLvREwcWFLmBiAtwFDEhS9OpOrLvIrEdo49kSkJC6Imjk8NNW4SFkffJu0l4Ge49wNRD12bXImBdVvPFv9GXsCAZE3BDeK7STLGgJvaJIhw74ajr3uo5mJAL-qLPfn0_L9qfUJ2LgQVsJ-caW2xHfubrkuO13YshmRVlPEh0J1kSiic5vsqkxE29O1kLICt67ESiEGZsI2Uuf9xpL0VE2tiCB9FTS5UUk56aLtQj8gkvUHYqSyzRAIvKHuXY-ruQWHVh9cFmiy729dLxIarKeiH9bSQJ02zoedUofhnrhXosXy7tT5qaKdu0PV5Fsu3AM8ZjZspqUk4wjIf2ACDfXAgOutM9hWSUoRo6N0ShCJ4ggv9r_R6twLVLtQ4iQf-0J51__hNGgxKEGgg49bCu9Zh1yrj7z5KkALTbarN7K6IEp4Q10OjMjZ1SoQ78vqrkQ10JBZ9YCKmnhJBKyweSOB2FkbsnrE5UBYk9uy5OetcYoESr5IVTl98b0jIAT_VpxWHEck_tWnc2hhWmckcjwJ4_dcJjMWZ5UOaO-ib9CtD7LekC70P1OrsRsErX2Tjx0cY3iuclNCrVgkYV2o85eBu6x-xlgxgWhfRLvSrL3tCapcCBzW38b8p9Fxd9h3IfIOIzIQ23XSiN0AYK1HUSGZm1prE4VyKmHRRlOwG46Ff2Tpf4yxlADmhSytLS9UNaq5w_7zN27zRY8uP5ljK5gnZbqtXK5gEV8R3ds-SmG2l_QZMHczXTob6rVVJw_Gnj1eWsFaGC1xLNSiETYb1nehlzYUIR0OBPx6bSZx6iE7vSKkT_XQf2_M5yNPIp7RMGroN3xT1YZRYJHS8e-LGp2Hod1-UHalAY1oe7hUG5ZduHzFhIgEQCUB8yiP-lxQYXzkYCfC8M-Y4rK-pc30rTRQWD3ZBGHuzAADnLD74xPjUcg8xJzjxhb8oblMN_00x4d8sTj6XEYYS2KhrnSuMlWiHzZ6uUqLdG2Gr32bt_0jbkRe7Ps4Lh8WyT_UkXW48ZcTJxWDPLPFoafEnKoa7cuEGjkhvwojwYnnEWj8HK0LYeXWS9miO4svFSYEriMg7W9fZaJpxTQzyxOwhBS4EgdLng4qPV6zUP43FIw3cb8iJhQq-T7CqUgtkwJupUHbjwHxoxp3fgrO65fVLVzeqlPBBbSirfVkn46sgqbJyP7CPmoUJt1X5WFNo73Y5kGqwEUjUkpLWWnLNIUh_dcTOoGtI2mecphmgtI1QF-V_AZvgUlhynkUNePk-Ft88A3keasB7YClO11kcKyf1RNUoDQ_UO7iRo9RHWayDlvSqpkrFgaSnyU_8VKESPIv7CrJN9P6HLMg59dq7sxZg5MGNHeWk8zSkieMUEdTbrH4RyT_qTH3B_AlsVUfnYMKQXJfl7IytxZB6icp9VbD7VozJ_8KeQejsGS0mheYKCQVIE-K-xcGvxmGgjjPZ90tS3c1R1U8vEBIpzKymNBtH8XgtQfBOy3UiyGQ-0gHR_YzDMa2oB9p6rTGtf4bTrJfYQmZlFIz4YrWK7pNOoFbkZu0nSo7dQHe8p55N-fNpzK5X3fkW2SG4YWLU6onMFlbT0MD0iUJHU97DIUxXJe0ucVXsA779rZnefdIWajk1py6HOfusO4KYNOd5_94KcOtyQ1rceIhwmp54hue9eKpdyjV-H6lbsruoL3jnTdbo9PE_Z9mD3OujzQZjNg6kA0YI3tBTP0Ufwqq5755vZ1INcC-WukLKVejuIc9FEObdcRHrb8JSfbKEZKDRb9rzEkI-hsR-0KHvvsBvoFKJQkCvVcnqb2Lns6nwZz_f5cyEP8OWe76r_9TXwq2kX_gGvQrs3hfEd9NTFaSTrZfTJvyDqX1GpTGNdSKrdL53_hTUB7yQwRTxt8AtVH2vBde7PmbS8pAvKAbM9AmtyPnQIYRTAJfk_xi_9FcGjyfjkmU_bI1NKXvDl9Uae3mEZXzczoBOuIB8rWUp6tabfP9bvvY2wessqn1L4rLPTfflBpn-D3YUoBg51_KjHjtl28jxB8lYsw_vsnLnjfAtkKcd7Tx2eeLi6NbaQRmuPZyT2lhmz3_qLPlVXHXF3piomDo2T93FjmcgDOkUuvQ5Ywz_6Cxq5txH_xL6wfQSVfrONEc5imZsgTdT-O3Y29H4dj2Y8NMTneBmwWCCS6H-nAtSFAb4oTmjJAtHaIUBIgzvrY9MlyEcnq5lFYo5eUsF27RZCiZgZ9qUWuUerOa78YTh8j03cff0sZ0O9j2LQdMXIDKLQQTutZQ7zC0MgkVmBTdxffHwMkz5SfyALP-iimDS4bGHAmpzVSbx9dIGYZ25fk5mGIu8Zd5j9Rn7S6cq0LV2jJREPfarE3JuF2FyDfyZEZDpO7mcjkEmBwetYdgl2qU-_8o4QMP53R6MNq5zRQX5g3Dohyns2D6GgoULK2oB8RLiKaTLaQSbWbpda-crEyel2ugRCy1zIrcUv7C8z1XJo3s0KO6qjThQ2eRgG3K7lUL2-oXsCeoQI6RBoBmwtqal6Sx3FUsEttkJ7rmBPAMlMZWeOvgeP-RJbIROdjIv7nFhgHrPS4vPuRML8bwwoQKEAX3L2xr_umnJfaolzkvM1Lx1OErf6S_hyDGP1zxEuxr-f7AifBxbT0bz3IBsSvOh2_ix8e0m-Gv5t4G0slUAO7948brFSr8JAxNG_B2NwRTFjHBthslMZYe0niJh3iv__K4mYecD80MryX1dNYFDmteJc0jsOLN5SCH1ffrF4TUu_h2fqUthMkOsfaaLnBfEWY-EvrvRydinvjXNaPD6sFlC8P86t8t_ufMB7i6kjjfrYfa1469I_e24ti4oViF34LoTCdvckz351dBGPni6VFTERZd59gXwLJQ90g_ggP4RdmFOUq3lZTfeSc1jUUGP-Oz4DA9je2Uvv0gQq2jwdGap3ODyPDh4TjYQ33ibgHYuXOeVvlkgkONd-hXU53JX6vFYs8-e5qev8znc52XLgVNIkZ3iFxsbzmf8nNSVsfLDaKFLR4HLCiJoooGI5U5nbgYmm82AqNT_-cwb9YK1yLTSAUY_lBqXfXnFCmMyWnRsBo76vewXAPg-oCiY822SgGhslnfB6fZc0ek5nPN3M2BVT3a21LUvC5TlcnUXQIzUZTxEcsyicNcrc2nNYDTjQX1ug9sylNYFcUDIPY8un1PtjnkWkoEWtY2kfR_2R6IZAevHKPI9OBAqK-mTxXGcig296tFenSNowSAVoBRtwqDNRvpY6g450ICA7GgEZWZudzfZR3HR&cid=CAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q&rfl=1%2Chttps%253A%252F%252Ftinhte.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:43:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 89DB 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 10:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 10:21:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 051C 25 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aetq0gBYYBpQMsic_nvz1TfFUNdyn1S7FYj1uWxHPJyQjh-L-O7boT2yAFcASMJCatWzg_2h1Gbm2UTotwv2zoPulVd6nJbNZ6Sc8LDnwBhDX8940zAKbiGo8mg3nAvzf-hSpc7mffd0feiUQckdoo8XD9bA&cry=1&dbm_d=AKAmf-Ch7nAfWdX4seLtyo9JqOOTcpn0KKz2xqdRcuGJgwLXWwTcoCPyOljQDgl0W-Kdrfr1o83Z0XeFgddDxkrxIxj71XJlHrqtHiXzg4Thc4PzVjenvtEesvkFARPMVyDXs2jDzg7eQCIs-6RSTPzODJsSbxuHEclEZkRrIEoTBRXMIyj3Iz7iUv2fwCzrOSeRP6tspsZ9IuE-RP3a247UqpcYKxX2jiGNJ2CfTVvHWylUdXgLhwEGGEjWUyYEQm0434yvz62vV4oG38M_DDyIbLhY4bVVCH3MrN7GoGhTUP-0qLe2ewNb38QXs47OCzas22vTB7Z1o2p6fnCcDYPYmk22UwtsJ7WdgXwiOOhb0Aps3Q04dZ0fSUmeUXx1Ktf1z-BO88V0czhOSyuw37EJa7pA1jtprzC0fWvirBC2-ktSVvkNrteCXfdyTTrfd9UuSptn2xkhVFdEcqctyyoOX4GOn5WNEpNqHayA7vtzbxr-JD2KUFREgvSir8KG2lXibI291cY5F0dGU-p-hWAEsaG18UwAB407jEtTewPw5Upq5CSWmFGDkWVuXU8xWhgYjaML8qBMzSxTxNXwgBsQ84cNW6zxHRkdwAAaIxwE1MtOp6MXQ-ZY0zXOgxCK4qWf06luenChc9Qd9u1rkRWUp0NyJEOVcUQx0xJMJA3REGD7kBtRWwivFgwxyP6glqJm9woZIBvC1j212p7lVQ2O3N7XEAigIssWHBjzxSedknc50SA0QMh4FmTnGY9Kf438ZVzqMg3nb01u7fr7tWBL-rWHFwLikVZ6jSNyqig39yxXKpkn9P_HOjQwpJyoHH7p35627y6Qclz3c53L-J3AdbkATfkfAXUMb9Cvt7XMJ5nscdnfOXdXt0cT6-_NnVkJYyFu2zCPI_Tjs2cXeC7QTjpTc4pgZ57IkqFYANc44rsry371bZHQRxCDdcWy1Bas0LLuNIocX_a_ZwzKWaSuPytZsGvM3UGvCjIQZu4g5OLr_G4rPPSl0iFoHkF44j0K5V722txx_i2svtN9NFn8IE3uQDo3o2LuMSY3Gh19X8rHRoL2NZSFopC8qTBaTrgMPQzvB8Kiw4MZycmWZWIgesVDloSztMi3lGa8KY5NZ89yFoI2pia3gndSG3boAwsIEGSFnoybnRj8M8ezfLp3W0okTG4-TJ9IivNeUirQHo-cRhv6XnIWQVPGVO78lscYI18pz08tzbVdPeZed8aTbnGE-495Js92umG3cqjtHY6m3L5Xv2Nt-SqyQa9XEuImQRSOr8MLBUUh5uogxgxelOEiXoYHwo_pESuSPHD6X-vBF_pexeBlpV3dT28BwVE6CaO_YQWpT6OZyvrYl2W_AN1OU5PRdGEpaMPTde6PI2q5dggXOardsKzzgqXzg_n6pzF0d85M7UuFGgKgMWLHLkh6SF8Lk0HOEsqfW4ruYRBwPk5RkEkX4KuqLEPPV_iVwvg8wP5i_0YMD053Mzm_hk6z-xHreGSXIqM4RJi9P3Yghr2CPleP5Bxe0p36aewGl6OaaFB71XvZsPP045c0DJNxo_Adxyia5V7cdlLvWtcoCy3QGkUrasTFt_62Izdo3XwBaphK_P2J2QEf_1BAxnIMWusxyBFRuv-lqkPXPvUCwCzhImKfNJMc0rWikzMTqv8wMkH_kV0FRj53E2wlW8anx4QSpTkazLNbAVX39dNUUKS9r7wtrq-FNCqZyJSoltiXj-dBneBtI5dtM1mkXQTXBkldBEtrum-3RRQNglllj8ZJexxyjg3c-F6LJR7H3HfJvC4Zop7kVMPLeAgWW074nWx2etHAAm0PxgOnrKpBsEVzXxAW-8Tvhuk4MEHjOBS0ykklgLJtL7nBtrYMsOxJ4kgXsxdfgpf3O5-oj0a49PdorZ6pRVV2KFEFWoBCLa2Cu8pcP9tT2nF9QfQYagmpWUxfridlSt6NRrDYyZ0NnyAhYiOFCbZjLyPm4cCYJIQwzz1pYS59pzXJwBEN8jQ0GuUfy9aj12gNhma5-SmwIoHB8CsUWSh-w7SDfd3qHXH3_ujfddfs8GpK3w64qkUQ27T9pAfX_w_u1n9M8bZSPFpBAqmnVHcIuS8Qt7hfbv3CfBwLO35T0vruwE2gmXH34mW_oJ9IohYFz6SiOOwmBhUUlc1jbfCc_QgXRX_LwsVs8b8ssDT2IuHhtIwXlghr6L6OACEqB7mEQiAQoQXf9Wt_Q9oj9o0fI_85ncfzAA_FQN9SlSbOTi-QHGQOX0Ol7sEztGeLwRUwCQD4eCKISKQsRl-4NaSbTPVQ7s9p2X07gewwNMomJdFN8dY-CcWGqS-0KOKa9SyvdgqFjqekifepCvGkhrgZYfwZcqdcAPlouG2GDaZ_FV7lsQeGnx9M-vPGd9qWrRPd1wnejchKzXCuZr6r1fvE-cpzXFMtO94mZHTxYdlnad86VOWHeKZ1OiFwJjrmVt4_4euEa291Ej1RfVbqVj2dVnqYyRXoCK180320wPJi6tLTdEzul5OtZS8-KSHZtx2sDtCV95JVXWIILJBJB2EoRPREgChnF3ieedTnm8WS8FqAcFuJB1A5s5hiQvrcBtNkZIDah5mDusRJzqmLWWv9BiVQxzf9tIsJRi8R0raJgEkhsDmk8JdWNvUq2uf6OlnuyjWI8bcykUtk-78QwIRyyrmKAXSs-pGNE_0LaOMDVdGkIrzQlngmMqRo3mu4zYNw2B9NAEUAHGDLObcaugvg9Iy67ylSNRtvJEPy7uXO8U9xHEMpP5fr46-JPIZC9p5PL1W0nwTwkDIgi-zm2Ln2NJQPm_ZGKFgSyNfA4c_A3_hGKMSwIQHg-vOo_eaOHbzlz-HOvpgNa5xjIMaa9RbB0hgpH--TQfbhFqcNaBep2mWRI5qNHdwD_cUp8fJqpYlHll6Ryq2xvDBrZehMCj6A8PpXibKofP-lSrC6TBf-mmhntn6wJrNTw4mwHcQs3ULcYCeRAleiUAamT8PNd-vVrtUfr-LJBi7TWJsh9fUFrG846tsKfDuVcrQ-6at1rof32Qiq9uI1urTS1s9b3kzAdQOKvkgQwe0gAHspCm3MQllCKjp5_KkuP33Jn8CYuXGSeBKCdsav9hOcMWjwb42DWV93tqk-ByiEQhkO-DwcXNA5jb-zlhIVsD2NyBYlgTlNtL1AC9QHJwzXrIuEPjEZbspiev3pTnGou94B85qme3zn7qTRaDfDE9uo4ZsfweBRweGDO-8TsxgISTl7akBb-vjHkrTHosu-LFl1mC9303KxuObqu4bYAym26DcD9lX7icEqL5Um6VUT-4LGz1IfVa-Ap39HqOpoHoQPvSkoyhu9MkW_kvVOSxJBzr0KgPwhDkLSLipZrlWgdffKpG18mXs643aflZGN3Ngh&cid=CAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg&rfl=1%2Chttps%253A%252F%252Ftinhte.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:43:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 051C 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 10:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 10:21:01 GMT

GET
H3 200 container.html Show response
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 98C6 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:47:31 GMT
expires: Thu, 16 Mar 2023 06:47:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tracking_info.gif Show response
lg1.logging.admicro.vn/ 238 B
855 B 217ms
216ms Script
application/javascript 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://lg1.logging.admicro.vn/tracking_info.gif?&ce=1&lc=115&cr=1647413249&ui=2574132493117783970
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 30aa3e8a9ce94fdf91bcda4d86c5787ea51e19745e6ccd92d579376714746a06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 238
content-type: application/javascript

GET
H3 200 Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2090 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1c3f33497aa6d4634f97ef899766badf413e3600c94db6dce7bf13224c0cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 538612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 01:10:39 GMT

GET
H2 200 get_adm Show response
qccoccocmedia.vn/ Frame CA7E 15 KB
7 KB 884ms
434ms Document
text/html 123.30.175.51
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://qccoccocmedia.vn/get_adm?id=1cf562a1-1da8-49f7-af15-3c25938ba3d7&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Requested by: Host: cdn2.cache.vn
URL: https://cdn2.cache.vn/banners/sspAnetTest/cc_ssp_new.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.51 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: 6599d17a2ad8811cbc94f22260f064283c021199ac4169087f32d17d16902585

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

server: nginx
date: Wed, 16 Mar 2022 06:47:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: Range
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
pragma: public
content-encoding: gzip

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B24
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPK8QCSPTXhsi8gaB6gRaoJIH-GuAbZCiaXcSa7Awy6HWT45lWlL-W...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPK8QCSPTXhsi8gaB6gRaoJIH-GuAbZCiaXcSa7Awy6HWT45lWlL-WbFc8fOJlVrhn_JQ2mPqawxhXLcqm730lC1DsUSPgSU&google_hm=sPSXW8dUTcOf...

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPK8QCSPTXhsi8gaB6gRaoJIH-GuAbZCiaXcSa7Awy6HWT45lWlL-WbFc8fOJlVrhn_JQ2mPqawxhXLcqm730lC1DsUSPgSU&google_hm=sPSXW8dUTcOfp6QejnxeRw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPK8QCSPTXhsi8gaB6gRaoJIH-GuAbZCiaXcSa7Awy6HWT45lWlL-WbFc8fOJlVrhn_JQ2mPqawxhXLcqm730lC1DsUSPgSU&google_hm=sPSXW8dUTcOfp6QejnxeRw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B24
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIsxqsD46H2H5ds_LzpxzFBXPhyVaXqDyWAQN2...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBUkF1TjFTMQ&google_push=AYg5qPIsxqsD46H2H5ds_LzpxzFBXPhyVaXqDyWAQN2Q186Ttn948uQ9lKKYl03QpwLS_qoerPSlZrh5Rr9CBPQ0vx1jjez5DgaY

170 B
188 B

54ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBUkF1TjFTMQ&google_push=AYg5qPIsxqsD46H2H5ds_LzpxzFBXPhyVaXqDyWAQN2Q186Ttn948uQ9lKKYl03QpwLS_qoerPSlZrh5Rr9CBPQ0vx1jjez5DgaY

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBUkF1TjFTMQ&google_push=AYg5qPIsxqsD46H2H5ds_LzpxzFBXPhyVaXqDyWAQN2Q186Ttn948uQ9lKKYl03QpwLS_qoerPSlZrh5Rr9CBPQ0vx1jjez5DgaY
Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4B24 43 B
351 B 56ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF14d40uxADgBJTWbbOPBSs&google_cver=1&google_push=AYg5qPJ8GULW2q93zruFNduTgQJS6ZpBsXEu8ny-Q6FJpZ7AIAZuOpFuBp6ZjprdOdqrevyTcNmqoSQH_6BLY3oGlMxV2DzHZVjHGQ
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ck3p6l08qkb7962v5sbm66m1fljcautq

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B24
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJeDWnqrq7RPa0z95q7f0jBV8rirpe3ePjSxl2sQ_cEJcGiR9ucf9JjmDw9itUrCzd8nFlnWsIMkXm91wuuxGHq61B1mDb_

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJeDWnqrq7RPa0z95q7f0jBV8rirpe3ePjSxl2sQ_cEJcGiR9ucf9JjmDw9itUrCzd8nFlnWsIMkXm91wuuxGHq61B1mDb_
date: Wed, 16 Mar 2022 06:47:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B24
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPJc59zXzJGyGXq0Erz8vDTM41qDPf5sguR1EYcTSPgSXo6YJKwLnpM1kjcubkvkuvg0sXd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDTVctMU4tOFk5VA==&google_push=AYg5qPJc59zXzJGyGXq0Erz8vDTM41qDPf5sguR1EYcTSPgSXo6YJKwLnpM1kjcubkvkuvg0sXdPTwYFjjjZYLacPEkHo4BMlQd2oA

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDTVctMU4tOFk5VA==&google_push=AYg5qPJc59zXzJGyGXq0Erz8vDTM41qDPf5sguR1EYcTSPgSXo6YJKwLnpM1kjcubkvkuvg0sXdPTwYFjjjZYLacPEkHo4BMlQd2oA

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDTVctMU4tOFk5VA==&google_push=AYg5qPJc59zXzJGyGXq0Erz8vDTM41qDPf5sguR1EYcTSPgSXo6YJKwLnpM1kjcubkvkuvg0sXdPTwYFjjjZYLacPEkHo4BMlQd2oA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B24
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPJmfOa2nQWkFCKBiM7levVblT9SFglL52Oab0nLdhPtoLNS5dbbTSNZt0LbstaI00cb4-c_UYH1h9J2zkUGbrQT_Xk...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJmfOa2nQWkFCKBiM7levVblT9SFglL52Oab0nLdhPtoLNS5dbbTSNZt0LbstaI00cb4-c_UYH1h9J2zkUGbrQT_Xkccm3TEw&google_hm=XSh_YfA4RGmvPv...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJmfOa2nQWkFCKBiM7levVblT9SFglL52Oab0nLdhPtoLNS5dbbTSNZt0LbstaI00cb4-c_UYH1h9J2zkUGbrQT_Xkccm3TEw&google_hm=XSh_YfA4RGmvPveLSidiLw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJmfOa2nQWkFCKBiM7levVblT9SFglL52Oab0nLdhPtoLNS5dbbTSNZt0LbstaI00cb4-c_UYH1h9J2zkUGbrQT_Xkccm3TEw&google_hm=XSh_YfA4RGmvPveLSidiLw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache
content-length: 0
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B24
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFUNaRYKxQVS-MzB3uOqMJY&google_cver=1&google_push=AYg5qPL1W6AQ_zA5cmdNWLoh...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1W6AQ_zA5cmdNWLohg-ggLIZ8p01q6mHUqtQhJVZWVP2NIsumgVco8_apWVadgYJVsIa-i7YVWQCX7qOY3nOsYYjihoCAwWc&google_hm=

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1W6AQ_zA5cmdNWLohg-ggLIZ8p01q6mHUqtQhJVZWVP2NIsumgVco8_apWVadgYJVsIa-i7YVWQCX7qOY3nOsYYjihoCAwWc&google_hm=

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1W6AQ_zA5cmdNWLohg-ggLIZ8p01q6mHUqtQhJVZWVP2NIsumgVco8_apWVadgYJVsIa-i7YVWQCX7qOY3nOsYYjihoCAwWc&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 15 Mar 2022 06:47:32 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B24 0
12 B 52ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOX-UnoajLOctzy87CPT7msn9rmzaqWrMPhN4mp0JC4K3Z5TPo7Pq41Ww3Y4Qytz70dOCxqA

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame 49E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a&verify=true

0
133 B

10ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a&verify=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYtqjQwQEwAQ&v=APEucNXX_bgei_n23eAr7733oJX7cNTl4HbQBE78sUqE3B0o6IM8OURtLYYX-D-YTSnFx_XeQV00LdEOAj-Umw48BFE5ljKfHczZtvCmT6eTaGn-hZYbdBpF1nSbbEDQgO1f72J8f4vdv7jhvEk9zfqm2IaqAs-GpuBF9U6C6EBc_iEaHA6uMsc

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG4r2uFnzmwh01c03zD7ntA&_origin=1&google_cver=1&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a&verify=true
date: Wed, 16 Mar 2022 06:47:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49E0
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBmNDVkOGU1Ni1hNGY0LTExZWMtOTNhZi0wMjFmMDFlOWJjNWE%3D

170 B
188 B

63ms
63ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBmNDVkOGU1Ni1hNGY0LTExZWMtOTNhZi0wMjFmMDFlOWJjNWE%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBmNDVkOGU1Ni1hNGY0LTExZWMtOTNhZi0wMjFmMDFlOWJjNWE%3D
date: Wed, 16 Mar 2022 06:47:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49E0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1saEwxWW14RTJ1RmJDUzFqaVdESmp2aEk1UnoxMEIyeH5B

170 B
188 B

60ms
59ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1saEwxWW14RTJ1RmJDUzFqaVdESmp2aEk1UnoxMEIyeH5B

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1saEwxWW14RTJ1RmJDUzFqaVdESmp2aEk1UnoxMEIyeH5B
date: Wed, 16 Mar 2022 06:47:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 mapid
lg.nanda.vn/ 35 B
461 B 680ms
229ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg.nanda.vn/mapid?src=admicro&dguid=774e265a7903b2f677dad103aacd5a10&3guid=2574132493117783970
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/v1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 47A3 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 10:21:01 GMT
expires: Tue, 14 Mar 2023 10:21:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 159991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 79CF 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 10:21:01 GMT
expires: Tue, 14 Mar 2023 10:21:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 159991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 89DB 11 KB
4 KB 52ms
18ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: adcbeefdde784372fa40e998783b84fd277678130f8495dc76613696ed1d87b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3988
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 051C 11 KB
4 KB 51ms
19ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 843f199c8fc26348619c1030edc1af8961b24fd229e40b5750422d8ece730a66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3987
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/949432/60827839/ Frame 05DE 47 KB
13 KB 130ms
30ms Script
application/javascript 52.213.111.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/949432/60827839/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-4328742155432872&ias_chanId=1&ias_placementId=16184950690&bidurl=https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ing9p_oOXvAwlgOsYenjsA
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d1aeafadb84a84267f0b84a32f67b5016956413958f008a034d25e9e62f55a40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 05DE 106 KB
37 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
Origin: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Mar 2022 12:47:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/ Frame 05DE 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9KWhTB_e_Yj4FzjBiWAZIKC14YO60jbOiJaBaWQOJsRnVH1P57Vu6CxiotwCpA9dDJXWahUroXVm8OE3R6dfvWy9foyaIKPdbcaBgzh754wlRZ8OOGV5b1Z9_f89wXc2aaprC5HmoCChk--teSABJ84d0lw&dbm_d=AKAmf-AlmbTTQmx195U3yVrFDEeHBCTnf2lskeWF55Wa68Z3HjlpVvFwyEF3SgGtirrpUq7SbZsknFCAQq5ySd42mlmL68qP5KS9ogvRwvIzP6qaffa685DmrygSvEsqAsudfmZh71mqkeSkfDKQaZdKbmUoKupRvCwGUpHQNiXEfrLqO6gxm9Y6rIt0QfDclV9c4Zcu_1j_ZkE_-o_3fWGRtyTsARCMXz4wcxtBTQtrKzxd_1o1fIyC4iyGcGk8WW7K41-WVgemiTN_o-Yx68GQfHWShuszuRrBdpX2rxv5WJMooOxg7GRW20IM5SAs8Zd-hw7tewaOvm_pQ_mE0lDetddm-LGrYIZ2YwlL8ssWKpiREmQNbkSlktfbvQ103nnbdlPAsvzSTF6JJwGqy81b6jUEPTEQ931PWwPOUeruZ17lzojhYTAjmtDAVuRZBHJWvghBtEDjSYCK5vcqX4RXqXA8CFbOvAhbIO31NSG0RxrHgFBUwffrgXQI5j7sCm4wiy2RgdJbA5uhE2dqC1Lr6Hz6jAl4RHibXU7a4Sxs_5d3n0n84pW_Jyqb1cFUSHhZwaw5dSC3TRbMk2HxOK_EIEfPwRc4dt85eRBtlgiCbrEmohcISkhzSQhfHzL9wkAgyHSufQNK1JIebD1GsK37vZeBtVurGNg27xGbF3iBhMVm8upSgwMHYPsRkk3iwl6QT588fyvLdhJR3XuFOyTRWx1oC7ysw3GT9wcnEiGTKey5ftUrs_hvsSj6wCIQ7vlOUDSTTeJidRP5uKmQINhbmrgws0OI_VQ3oawCMly_rCvRC0_vs9L_tZzThOw2MjYsiJzhVtIUGJeBu4FhWbJQf_A_cHuhyttw7P0dNoHwzAGhWOAQQXoae3QKfnGOVsrTZww1kblKer2qUv6Vg6BGxsyJgksb63d4yiNCeF_9aKxvkbnuEx3GxDAHqZCQD-L3teGCl30aDt0PBF_N305bftwKgvluFthZTI191w9Gw3ggbz26QQymVy4DfWu74zTzu-FS-QvJ0ZiwutfiIkhdbofnAgNKo1FHG7DnuhdoEc36wp0cueC1iWuWpRb8WzyuGAwz-I5cIGCrZBh-Q3Tsyh2mljFxiQxLeA3X9Wd28wGLhhqybWe-y72OA82EoXElqI0Cxn1oIE66LeqzTHOzRi_0ZCX-rtbOdKfN5f3QkIsL_zMzije_dzKeLS48Kh5-k_FOKdcsglQIQZrN4Iml7BlXf-dziu_9jMqlGBVIaNzEBzprdIBLN_YG1bf_8SUsohpsFWQghhwhEe5KMFzL25V9fwRjVEkmZTqqAGqePXexPrd098lhVDgPbKoaoW-Gmie4Z8PSHdAOihiR7wAF3PfrUbO7Vw8NB24GSygptVcA1tZ3QpYmHu88D5WDOtfej2TFeso9rR_RdvjaQco-P5GAn3xVBSA8Stf5i1BYYZjyrD2iK7KaWF-Bf3dhyeJTtweEuwjuXWVaYBNYTcGkr6kssfi9yTTxx32rvjzeciYE_uTAX7n90Z_hqpiwa15GE9t-YE8aa6P3Qt68JIOgHoV6juYL0mHsDdmTTl3RKBN1nUYxaDiIy-V-7qtFgDL1hRPsvL5tHd82_p041OTv1Ig_ay8i-SBJQpQUcoKc99rUvL5ez2IahQZ6RjhCP-JckejCOuxixoVbgFphGQlYksELoNsz1DRWdQOX02WIV488pveDTeP-qOe7tl8LrWC7ZmTU5TFANrl95MLzQzKIW7JxAQqBW2f_H6tAuLH2xYJXA245hBPwThWutV_TRnjql8p2MolwMurLyjAWSVadS6Kytfxy9Gp-bwa9JvHm5MQcx5e0ifYJjE4T2CypZdoGsW7TSxyKXPnqN__5NLrnaRwmW1QYR5C6a32yMAi0vGOPivHN6UB1S_E7cMeWrMUTEUEruuMJDax-gPG0Gdh5PqD9FxlMOEOksM19q0aQZaY8_fCFRP0qetYwk2hF-93puxqQe_Y64k3mRyJxIfMWsbNApqLJpXHssnHEU4ch9XVGxM7lg575F6ggx_x3CGZfWy7AeJfjF6ZkaH-8hcDWy54TBH9TdhOoWmbC1uNSDS1jFP-Vv5GsPMCGq0HvFFC9oCMsMBqSIrwYaZJMYw2lZjxCGtAajfjhKwgAK_3ug8KQ1lz4PSV_2wB63toKc7-jnW9BMZecX5webk-nPuxZ_B5EC1iYYQexz4c_a4RUwLC6lCu7C5_nEbXFsRLljbN_0BVgJtIsDiHGdfbjKk1qs06UqMhWtzMy3GpseypBPTI-jhxSMf5znKsV4cZNw30P6ijvd_lLDn_gTf3xojkkpwEMAFTK2ltxxRZxV45F6rwG51KjoTGJJ9zJN4DSGRo8sG_v6HEiLRLJEJuMwmiqOH7m1quwwlDNGGbB1EaWesnPJ_xiy4_tgQbc_f8g9KpIQBx_N-AKlMKI2DEoylMfH4dqaPoBcgxR1zTZT7TA55d4SVBqxc-f7nGuk7ZLITdSgqS51vjnJXIOUtsxJtXWXs5KcKANIVaxl3ihvywfg06wDpGYIclt02xz2UZehJPRuFuCD-GpBx3RyWgn8qJMLK9zNFKNU5i8C-0MkTQnrUW3z0_imCKHEzWFAxB05DvhUwVsShh9cVLCI4899t-DHmUpEC8gF257DMbHKl1icTcF0-R8GgTOKjoiY4Rnty6IOUGwq9gVgiPiNglW9KqM3M2d1ym3wZ34VKqu0LsvKzMBa4Sb49Zmmcdh_aXCcy0KJVm3epDQIfdczn5pdPZDazjP44BeeSzHLDd_1K3Kx5T_3BWWIlB6PkfHkairrLObPkUstPnLOG3gq1yttcatc6mVZM-WHAA6eS7D--r6foyTblw42y0Z6BwkIaAkGIV_nMic9uM1pK5dXU_VfdxbpVn5J1SI92LKcpxY7I43keW1AU1FRcwX3c0-KDcmN9SHbIFhPI8am-qEnzusj84RlYtP0OkvFAcZrn3LQBS6ekB5AR_4JXm1dPWAdhIPVHaijBYZE35KEuSCTbqPZmDJv-FLMq6DwKWz-CoDwNE0CgrusXySURD5KZviFsl2TZbZxLn5ztnjgaaLpcsQNocSzLgdzw7GZv8oymSwkUWba16r8qEX27LmjnUESU9nSRD23ZFnjVFf&cid=CAASJORotL_EHzQYBP6l8bKN7Zcrn-QOiOBKzaZsahSIksGyFprZBw&rfl=1%2Chttps%253A%252F%252Ftinhte.vn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:45:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 05DE 25 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:43:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 98C6 0
0 60ms
58ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVIC0A4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwAJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPahsAdTk3Hsv182JpFA8Yz2zPPGArlgms3HAekXApsecokWni1YDFuAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQzMjg3NDIxNTU0MzI4NzIYtOwP&sigh=Vbgk68e7oxo&uach_m=[UACH]&cid=CAQSOwCNIrLMsNK3kHON4IdaS6ueFe2a5MMeVmxL7X0Eap5YQPWhrcUcHThcMZFwOXSuLd8VOslof_lcI4qTGAE
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 98C6 0
0 60ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gvmt6g3bpwxe627ezb2p4avrd6580hggt2jq7sgzk4z5a6yvzayaaq2d3sbdpcv7h6a54k5vpaf9cwdh68mfnbqkyhwpbhrx4fct6r3knajy9w7dekzvkn6rj0pqqzy37d2416523t2yhk56a66kedgmy5w0gdkay45cwe3sst66z6kre1t55bzdvq5etnh8089r3pqy0fraffkhpcep4q4ysvw2y4w26hvfdq2pk28tv69z7v6kpyq3n3mfs5wggjp9ph6dps5nqa530k0qxe73pmapmsp95zr7sx5fgxvh8esbkz8347k8rc21trhsqa3cf5kqwfe8e0t7207p1wfsshrhqnqb1e9v01320enwxh71s2n2kc26vn1qffejn5dqr23xm1jw5b7ktznm21hea00e&b=YjGIAwADuuMK4DYbAAiSqERfUY0FH6RScnwUqQ
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 06:47:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame FC69 2 KB
3 KB 70ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1km6rgykhkz0a6fy8tr7zj6na2h9fv7h58xb7krkazxtenpdewmx516vwabmv3e8hjm57f2dwbmebmwqfs98n8k3vj1fbe8nwdfged0stnw11sgpnbj6gtdvfda9vg2z89nj53f7vw2vxc3wqtmym5pmp36s2js1953yap94d3tax9s7rx2bg54j7ra9jw3ahnjzpk2k12gj1kte7hm2zpbjetxndxhf6n5qjqfpww908st6616zg35ay55mh8vhx27q6dcrqhzpg3w3454bv1ktch4ehzmdv6rgn7ffk89a145qbn1638h7kz3b5ap9e1wj7j63kcags97tjz6n7wypa3bb58svgzr2tdm9hyjrg706k52sed30b3peyvr57vcr70wznfwvq0p5bgx4b5pmjax62pq9d7x9x5g680sfjht8vdd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%26client%3Dca-pub-4328742155432872%26adurl%3D

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479a5a8ba049dc0c16a8aea0b2e3480dde08fdaec9510d6b00290eec26641e1f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ecb89b97f565c5c-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 98C6 2 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8053 1 KB
749 B 42ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62480
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 98C6 15 KB
6 KB 20ms
18ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:31:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 98C6 0
0 54ms
51ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHtwmR-Sdly0sWy2nFo6-x5DuhWqKbFew9Pa1FsGN1xXcftKHDBTDUoHPMivuF5xcazLjR0CsXlUnu9mgoBqQ3GeAiTA
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 98C6 22 KB
7 KB 21ms
18ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 12:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 Mar 2023 12:00:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98C6 117 KB
36 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:32 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F41 0
23 B 44ms
25ms Ping
image/gif 142.250.179.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame 89DB
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

111ms
78ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fe3ab67edad59cd989c5d84574b0f9fe2614664cc55b803d808cabfe6cc4050c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 71770400030503500710612011900025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1309
Expires: Wed, 16 Mar 2022 06:47:32 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 16 Mar 2022 06:47:32 +0100

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 051C
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

106ms
79ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e11bb0fb09a4e42f3ce7d5911a1903de3f0cfcc08301edce333f851d54bce94d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 72482400022588400710612011900012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1310
Expires: Wed, 16 Mar 2022 06:47:32 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 16 Mar 2022 06:47:32 +0100

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 05DE 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 10:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 10:21:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 06DA 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62480
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 05DE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0c85fda20d3f75555f7d182072b04d5952f4e7f906c501a27abfa55ab67ada5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js Show response
pagead2.googlesyndication.com/bg/ Frame 47A3 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3a5894e71628ced83517280f213abe0328eb324f06a6d0cb2886f7501f231c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 20:53:55 GMT

GET
H3 200 TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js Show response
pagead2.googlesyndication.com/bg/ Frame 79CF 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3a5894e71628ced83517280f213abe0328eb324f06a6d0cb2886f7501f231c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 20:53:55 GMT

GET
DATA 200
OK truncated
/ Frame 98C6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e9db017155248715a973e4ef9de72901acc22d30d50f8a7f9ce7cd29ea9965d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame FC69 81 KB
11 KB 40ms
22ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1km6rgykhkz0a6fy8tr7zj6na2h9fv7h58xb7krkazxtenpdewmx516vwabmv3e8hjm57f2dwbmebmwqfs98n8k3vj1fbe8nwdfged0stnw11sgpnbj6gtdvfda9vg2z89nj53f7vw2vxc3wqtmym5pmp36s2js1953yap94d3tax9s7rx2bg54j7ra9jw3ahnjzpk2k12gj1kte7hm2zpbjetxndxhf6n5qjqfpww908st6616zg35ay55mh8vhx27q6dcrqhzpg3w3454bv1ktch4ehzmdv6rgn7ffk89a145qbn1638h7kz3b5ap9e1wj7j63kcags97tjz6n7wypa3bb58svgzr2tdm9hyjrg706k52sed30b3peyvr57vcr70wznfwvq0p5bgx4b5pmjax62pq9d7x9x5g680sfjht8vdd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%26client%3Dca-pub-4328742155432872%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1km6rgykhkz0a6fy8tr7zj6na2h9fv7h58xb7krkazxtenpdewmx516vwabmv3e8hjm57f2dwbmebmwqfs98n8k3vj1fbe8nwdfged0stnw11sgpnbj6gtdvfda9vg2z89nj53f7vw2vxc3wqtmym5pmp36s2js1953yap94d3tax9s7rx2bg54j7ra9jw3ahnjzpk2k12gj1kte7hm2zpbjetxndxhf6n5qjqfpww908st6616zg35ay55mh8vhx27q6dcrqhzpg3w3454bv1ktch4ehzmdv6rgn7ffk89a145qbn1638h7kz3b5ap9e1wj7j63kcags97tjz6n7wypa3bb58svgzr2tdm9hyjrg706k52sed30b3peyvr57vcr70wznfwvq0p5bgx4b5pmjax62pq9d7x9x5g680sfjht8vdd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%26client%3Dca-pub-4328742155432872%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 680254
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 08 Mar 2022 09:49:58 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ecb89ba3d058fe6-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame FC69 35 KB
13 KB 27ms
25ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1km6rgykhkz0a6fy8tr7zj6na2h9fv7h58xb7krkazxtenpdewmx516vwabmv3e8hjm57f2dwbmebmwqfs98n8k3vj1fbe8nwdfged0stnw11sgpnbj6gtdvfda9vg2z89nj53f7vw2vxc3wqtmym5pmp36s2js1953yap94d3tax9s7rx2bg54j7ra9jw3ahnjzpk2k12gj1kte7hm2zpbjetxndxhf6n5qjqfpww908st6616zg35ay55mh8vhx27q6dcrqhzpg3w3454bv1ktch4ehzmdv6rgn7ffk89a145qbn1638h7kz3b5ap9e1wj7j63kcags97tjz6n7wypa3bb58svgzr2tdm9hyjrg706k52sed30b3peyvr57vcr70wznfwvq0p5bgx4b5pmjax62pq9d7x9x5g680sfjht8vdd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%26client%3Dca-pub-4328742155432872%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=i40RNw==, md5=nlnmslSy2ZaL7/XdQ+Tixw==
date: Wed, 16 Mar 2022 06:47:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55107
x-guploader-uploadid: ADPycdsCv3CIjp6I6p0v8kjX1BDcUrBKlshJB3XYJJgZa-GzaYtJ8CbytPthLEO5nic4BUP-bkzWIMfpqToABFPlzY4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Mar 2022 15:28:50 GMT
server: cloudflare
etag: W/"9e59e6b254b2d9968beff5dd43e4e2c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g0RS6dg2YLn9yW2k%2BYpxNEjYBix30TGX4VFOAzsCR9C6n%2BkCEGQbRH74oaGY0%2FaQ7yCmZ6AYvEVv0Ucca7AKcDDZImmYEjtrC8COT%2BHl4dNhnJGzwGPEX4fWS9KsXSt%2FAKcGCA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647358130172556
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11881
cf-ray: 6ecb89ba28a95c5c-FRA
expires: Tue, 15 Mar 2022 15:29:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8053
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPIs9yWfNdboK2Ho2hQOjsl8hnb2sv3fb_9BIP3-SR1ai3YMzpoWb9...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIs9yWfNdboK2Ho2hQOjsl8hnb2sv3fb_9BIP3-SR1ai3YMzpoWb9N_mwaxlDu3BQz9yhqN2MbcTXk3Bpqa7XjZ1DW64Gg&google_hm=sPSXW8dUTcOfp...

170 B
188 B

94ms
93ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIs9yWfNdboK2Ho2hQOjsl8hnb2sv3fb_9BIP3-SR1ai3YMzpoWb9N_mwaxlDu3BQz9yhqN2MbcTXk3Bpqa7XjZ1DW64Gg&google_hm=sPSXW8dUTcOfp6QejnxeRw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIs9yWfNdboK2Ho2hQOjsl8hnb2sv3fb_9BIP3-SR1ai3YMzpoWb9N_mwaxlDu3BQz9yhqN2MbcTXk3Bpqa7XjZ1DW64Gg&google_hm=sPSXW8dUTcOfp6QejnxeRw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8053
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIWwzQTqVp8efn8uiv_XSeJ1yk-MpkP4yb37j4...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVEM2dHdPMA&google_push=AYg5qPIWwzQTqVp8efn8uiv_XSeJ1yk-MpkP4yb37j4P0TM7ho-gYjcXSRQimEEjPdwEcKVKB5aFYy7OwXfP0KrC1Wfzv96U5phs

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVEM2dHdPMA&google_push=AYg5qPIWwzQTqVp8efn8uiv_XSeJ1yk-MpkP4yb37j4P0TM7ho-gYjcXSRQimEEjPdwEcKVKB5aFYy7OwXfP0KrC1Wfzv96U5phs

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVEM2dHdPMA&google_push=AYg5qPIWwzQTqVp8efn8uiv_XSeJ1yk-MpkP4yb37j4P0TM7ho-gYjcXSRQimEEjPdwEcKVKB5aFYy7OwXfP0KrC1Wfzv96U5phs
Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 8053 43 B
64 B 41ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF14d40uxADgBJTWbbOPBSs&google_cver=1&google_push=AYg5qPLOWgbf3HqgzZClpeYiiSVCyLW0tAzWswFDuC-u0GYgdMBpnms181P7slzNEMQ_h9jlrEqUy2u0belnXJcQslNV2Fjx-1tF
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ufe6jvn8if46ufh671h19ld9p7vq0ba7

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8053
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKTbCKIQcXO7d0hjN9sYrNDOtYyAC6pN6RObPDMnscd-OYLJCghv7K2w1j9oURcxM_yca4nPtxCE5xNbqBP72eebhPiPLgY

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKTbCKIQcXO7d0hjN9sYrNDOtYyAC6pN6RObPDMnscd-OYLJCghv7K2w1j9oURcxM_yca4nPtxCE5xNbqBP72eebhPiPLgY
date: Wed, 16 Mar 2022 06:47:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8053
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPI-D-CzTM7EEDeuAmqbw6w5_A21hwbEde2TdmUrYbA5WVvEYgduoz_EdFTxJ6ypBXbmjQc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDVjQtMTgtRlFROQ==&google_push=AYg5qPI-D-CzTM7EEDeuAmqbw6w5_A21hwbEde2TdmUrYbA5WVvEYgduoz_EdFTxJ6ypBXbmjQcIjR8W3umGaSrZskUtpqlfYc-6

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDVjQtMTgtRlFROQ==&google_push=AYg5qPI-D-CzTM7EEDeuAmqbw6w5_A21hwbEde2TdmUrYbA5WVvEYgduoz_EdFTxJ6ypBXbmjQcIjR8W3umGaSrZskUtpqlfYc-6

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDVjQtMTgtRlFROQ==&google_push=AYg5qPI-D-CzTM7EEDeuAmqbw6w5_A21hwbEde2TdmUrYbA5WVvEYgduoz_EdFTxJ6ypBXbmjQcIjR8W3umGaSrZskUtpqlfYc-6
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 8053
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGF...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8053
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPIEkNcoazX3LlZyR2w4eKBLTKWznhqH5L229Gh1kh3FJSfqOetGrQpX4ZoN9yuefkTy3h_3RpgFhgz8wyxRaFgnPXA...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIEkNcoazX3LlZyR2w4eKBLTKWznhqH5L229Gh1kh3FJSfqOetGrQpX4ZoN9yuefkTy3h_3RpgFhgz8wyxRaFgnPXAkNQY&google_hm=XSh_YfA4RGmvPveLS...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIEkNcoazX3LlZyR2w4eKBLTKWznhqH5L229Gh1kh3FJSfqOetGrQpX4ZoN9yuefkTy3h_3RpgFhgz8wyxRaFgnPXAkNQY&google_hm=XSh_YfA4RGmvPveLSidiLw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIEkNcoazX3LlZyR2w4eKBLTKWznhqH5L229Gh1kh3FJSfqOetGrQpX4ZoN9yuefkTy3h_3RpgFhgz8wyxRaFgnPXAkNQY&google_hm=XSh_YfA4RGmvPveLSidiLw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8053 0
12 B 47ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkdnWcyt_ra6P0uXnV1_33WdBOmjddsVYfpbYtB48G36sfF77qDkqgTPKyWdEp-2QkxOQ3

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7660565476681256380/ Frame 1B0F 6 KB
2 KB 88ms
40ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7660565476681256380/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79fbeaa5ac66e22c54579f807d787f4bc5dfe9bf9eda4f278e5549f8c8d80af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2297
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 15:53:21 GMT
expires: Tue, 14 Mar 2023 15:53:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Jan 2022 14:31:16 GMT
content-type: text/html
age: 140051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 05DE 0
24 B 31ms
31ms Ping
image/gif 142.250.179.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvutske4gMYDp5WWonsTcjMU_WTdtcqqfdGyVQY1d_Ge8IL-zisHjhzKV52bI7KosqmQdoJNpbzrOVQt9E39mcZT6r-at6BbWrhTarmEczSw83Gwsi2uB14l0XVAR9VIWBTv-yAaKcBuvVzr1PvrOxQr3KpWPshxUg8lZm1QjPu9uxMGrFxWngs2zZdbXCQnGWiWBHynQUvLg122oZZ-bR8DpSxgGPxWK3vJPlpdEslglsYqqKiqPhXzWybdRocGC2FHvbYIh8NZd3F20XyTUT9aHXOxgVlaw6tMKGrY0YIDXExgFP8uZ2iaznqUXoBzTdQXl91E_5hyM9gmMVXGPsWqY8JgEsr3W2KHmkLcCqOV0YPvvqJAUOsAkF6_lnl8d3dliy8vOO5NfW6UXUHSUWj4IRHSOZx9T7TfdW5uuqsxPTVHGMx7tOMf_lMc7pEPCXTyudv94Q8v3Z2kfqTKRmeAZTTxpWAwObu_fxXKmvYs5YxABKmbKvCw2vPzfbeZLNM4srrykasdJ1XKloY_xfkZLvuux5Bo3iKMrG2Henfu7BqoNiWmqP7PLCSC7Cf14nxjy3tGlys1d5DdD-JYjlCB0d2MYK1EuGRE6147NwTTiS8kNm-r_4IRhncKKX9mHeiNSnx1Nv8f0IATVjBY7RqC8AU5egem38cPTH4VuArfLfuZOIoOfOrt22L8mClhKRvaZl0DVoKF0ieLaKRCC2qDkFHz-10-yvVncpq1qYqGjgzhiQbHFz4gFMR04gg8wBiMRpYD8bdUu7ZQo4AMYECWNb2RGXzq6GObfoNyRTCaGopS6HfsxjSvojPdwSZhjd-_OtlWzwmYIJycwi4-BI2J6Jqa1qeXKvoN9Sh44X5En8r8jyoK01YYWHi5HRe0r3l3UD09gZazn5BMvY-p9pJZY41CcZXOQqIHpR_h1nv7LuuK3VM8BnEqH3hVLBGwSyHNLRrAkP1iv4ljjkeg2W1zJkuWpvSYwcxdOkmQC7WVwdJkggUjWsmNhXZXemWtrFaQTJbCiaQ7Vxg3iMbCETby92KhZFi2hK5uuqRml6pdqmmi0Mxkk28JDkGgutdMIlb2cj8xmhJdxuJrzV3x68e-HYGWkqh6dI4G0pBugSiSObhz0XSU0rnellrcPkDzRI5qDvzxonC4oumdL4&sai=AMfl-YSMB5CqOXYIxV4zgR9Yh6vpWLZ0RukzIpT227a2nEHRFND7PEgOLS3MQI_9jPVvf1armEg1sAH6TV5s8uPlkQIxccnjqXzIHIXxS8qNgZDNZjH4JyBHG8lDd71SzD-hNYTBRuImyvXgU-xGM09x_PTD9ujkCsq2RD0A6IEVCNXQXTUEjAwzc3ob4Rjm00aXEYRtLLh3qXaCx4CQR7Ljiw&sig=Cg0ArKJSzD8ChEon_upCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=313&cbvp=1&cstd=309&cisv=r20220314.19438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 16 Mar 2022 06:47:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 217ms
217ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd65c33&pli=kmd9vwii&cmpg=kmd650bd&items=kmd9vwit&cat=null&cov=2&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 main.gr.19.8.299.js Show response
static.adsafeprotected.com/ Frame 05DE 189 KB
60 KB 82ms
20ms Script
application/javascript 2600:9000:225f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/949432/60827839/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-4328742155432872&ias_chanId=1&ias_placementId=16184950690&bidurl=https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ing9p_oOXvAwlgOsYenjsA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:37:01 GMT
content-encoding: gzip
age: 727832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Mar 2022 19:11:01 GMT
server: AmazonS3
etag: W/"587738d3e44b43a2620f42eb51d89fbf"
vary: Accept-Encoding
x-amz-version-id: kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via: 1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P2
content-type: application/javascript
x-amz-cf-id: DRRXWQMkGzBjpipI7zqXBnBdJ3faPr464GOy_4MhZ9k8mTrSYV9Y1g==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EB2E 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 10:21:01 GMT
expires: Tue, 14 Mar 2023 10:21:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 159991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 219ms
219ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd6509n&pli=kmd9w8fz&cmpg=kmd650bd&items=kmd9w8ga&cat=null&cov=2&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06DA
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLDW4yk-K32AP_gV2mq0mSA0QQe6nWLkxk9-UF...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVVZ5bFh6dw&google_push=AYg5qPLDW4yk-K32AP_gV2mq0mSA0QQe6nWLkxk9-UFD7qjNM3KHNoZ98VnzoF_zOebgjY8VPcgNkN8U2i0tVuGnnJPhwHzIcQ...

170 B
188 B

57ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVVZ5bFh6dw&google_push=AYg5qPLDW4yk-K32AP_gV2mq0mSA0QQe6nWLkxk9-UFD7qjNM3KHNoZ98VnzoF_zOebgjY8VPcgNkN8U2i0tVuGnnJPhwHzIcQFV5Q

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpHSUJBQUFBVVZ5bFh6dw&google_push=AYg5qPLDW4yk-K32AP_gV2mq0mSA0QQe6nWLkxk9-UFD7qjNM3KHNoZ98VnzoF_zOebgjY8VPcgNkN8U2i0tVuGnnJPhwHzIcQFV5Q
Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 06DA 43 B
324 B 51ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGqGw3klM8sy_Nmlf08QYjU&google_push=AYg5qPLuYetSNmqzMXDk9knM-7TJxDIJ8mVFXLuhvmD66-xD76Hzce97eXTSFIYZK6DG9Ya08I2GnD2hlQpHrn9ohaEInbrScx07vg&google_cver=1
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 06DA 43 B
64 B 22ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF14d40uxADgBJTWbbOPBSs&google_cver=1&google_push=AYg5qPLXJU5l9Ovc6PJNaQ36S_yvsUrRaBbjSX6cPcHH0PqelMvIUgRpbTD9dMSxjUthn2INmOarpnuT9hNEkErupgX7jhj_3IZU
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:31 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p1ke0c6cqh6qnj44qlk9gnf91o8t988j

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06DA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPKvfaw0xyh0Rdwetclu1TDE0bXxb0q9FFqswkuL13oDBIPRDkCD3In6FU7HxDubvO2GbiT...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDWUgtSS1IM0Y4&google_push=AYg5qPKvfaw0xyh0Rdwetclu1TDE0bXxb0q9FFqswkuL13oDBIPRDkCD3In6FU7HxDubvO2GbiT0vfbpFZDlqVFIkfSxCZTdCqFSEA

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDWUgtSS1IM0Y4&google_push=AYg5qPKvfaw0xyh0Rdwetclu1TDE0bXxb0q9FFqswkuL13oDBIPRDkCD3In6FU7HxDubvO2GbiT0vfbpFZDlqVFIkfSxCZTdCqFSEA

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JDWUgtSS1IM0Y4&google_push=AYg5qPKvfaw0xyh0Rdwetclu1TDE0bXxb0q9FFqswkuL13oDBIPRDkCD3In6FU7HxDubvO2GbiT0vfbpFZDlqVFIkfSxCZTdCqFSEA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 06DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GI...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06DA
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPLnHnBY-fAe0RPkSRYEnRFqEdGu97nB9l7IxmNl_f3ePTKZg0Y1_K-av6OgdkZ1nqemeLfHn5hXR2Aa0rECZrmUrlH...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLnHnBY-fAe0RPkSRYEnRFqEdGu97nB9l7IxmNl_f3ePTKZg0Y1_K-av6OgdkZ1nqemeLfHn5hXR2Aa0rECZrmUrlH6wh_XIA&google_hm=XSh_YfA4RGmvPv...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLnHnBY-fAe0RPkSRYEnRFqEdGu97nB9l7IxmNl_f3ePTKZg0Y1_K-av6OgdkZ1nqemeLfHn5hXR2Aa0rECZrmUrlH6wh_XIA&google_hm=XSh_YfA4RGmvPveLSidiLw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLnHnBY-fAe0RPkSRYEnRFqEdGu97nB9l7IxmNl_f3ePTKZg0Y1_K-av6OgdkZ1nqemeLfHn5hXR2Aa0rECZrmUrlH6wh_XIA&google_hm=XSh_YfA4RGmvPveLSidiLw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06DA
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFUNaRYKxQVS-MzB3uOqMJY&google_cver=1&google_push=AYg5qPLugNPYyOJ-TO-GWWrs...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLugNPYyOJ-TO-GWWrso7r3CdVB4b8KI_v_iNdMuUWb8hXLE_EUMyEIVECHfSupGN-l8VQLDNLXs2sGL650QAacwDBdHjR_OBg&google_hm=

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLugNPYyOJ-TO-GWWrso7r3CdVB4b8KI_v_iNdMuUWb8hXLE_EUMyEIVECHfSupGN-l8VQLDNLXs2sGL650QAacwDBdHjR_OBg&google_hm=

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLugNPYyOJ-TO-GWWrso7r3CdVB4b8KI_v_iNdMuUWb8hXLE_EUMyEIVECHfSupGN-l8VQLDNLXs2sGL650QAacwDBdHjR_OBg&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 15 Mar 2022 06:47:32 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 06DA 0
12 B 47ms
46ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiGmgX_zxa7g0WNwUcukjcQFHWiFa-8co-krdzlg0uNCCYivIzbChWIAjA6oNgDdqTmThI5g

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 genuuidpc Show response
fgp.philacct.com/ Frame 643C 32 B
197 B 1036ms
349ms XHR
text/plain 123.30.151.81
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://fgp.philacct.com/genuuidpc
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.81 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Rapidoid /
Resource Hash: 9b7c7bf5c4e6f680db7a443955079d0624679c918a96a95626a7bfeb79ae27e6

Request headers

Referer: https://tinhte.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 06:47:33 GMT
server: Rapidoid
content-length: 32
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
467 B 216ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&zid=kmd69fot&pli=kmd9wo8l&cmpg=kmd650bd&items=kmd9wo8w&cat=null&cov=2&pgid=1647413250505357236&uid=1647413249084434761
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FC69 3 KB
4 KB 57ms
24ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 16 Mar 2022 06:47:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4317534
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS5NTrJ2xuHzTKOVVwuqpiWc3uaMJSq%2Fk9ET5bRAQP1Nqa2NPD%2FnK%2FRo0ZAnWKNJhfzYBGvsRPa1ulgEucJzjjZlZ0Ekjcw%2F9TPAMlKJDpZ5SQpNvmfu5q4VJXFETKMODO%2BqKmznr%2FzS4F51vEaLm9Hm"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6ecb89bee9a4692b-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 ssp
lg1.logging.admicro.vn/ 35 B
467 B 216ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ssp?td=0&ec=204&t=pc&oid=sspid_2018943&lsn=1647413248338&ce=1&lc=115&cr=1647413249&ui=2574132493117783970&uuid=
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame B97E
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=71770400030503500710612011900025&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71770400030503500710612011900025&actionid=981741&produktid=&dt_url=

0
607 B

147ms
110ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71770400030503500710612011900025&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 16 Mar 2022 07:47:32 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 16 Mar 2022 06:47:32 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71770400030503500710612011900025&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:B900_91EFC182:01BB_62318804_D963962:F725
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027

GET
H2 200 / Show response
adv.office-partner.de/ Frame E137 930 B
931 B 117ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Wed, 16 Mar 2022 06:47:33 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Wed, 23 Mar 2022 06:47:33 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 89DB 1 KB
2 KB 216ms
121ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3432265&wgcampaignid=99582&js=1&nw=1&viewref=71770400030503500710612011900025
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4088a57f5a85cb20abcefe95e002d9080e33d87c7a1a2bb54f176e19c1b8e184

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1238
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 89DB 1 KB
2 KB 228ms
132ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=71770400030503500710612011900025&nw=1
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 5c000fc3c895b7b703ddde26da0f477a9c0d8375d4cb0b4b32cb796a3a3e16c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683 Show response
5994599.fls.doubleclick.net/ Frame 58A7
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683?

391 B
345 B

103ms
58ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683?

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

3a0f971765cfd5b5e07a86cec8ae4f80a1f8b61f707a70c9201f386c42975e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Mar 2022 06:47:33 GMT
expires: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Mar 2022 06:47:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame DC0A 7 KB
2 KB 38ms
14ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=775bececd6&subid=&uid=ca8075ca900c4d9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8uKA4gxYsfmDoeJgQeV-Z6gD7XN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9C40gs9bGSIX-i1zWle1f4X_DhkST_tQUJnkQCRWVtIAdNLz6pQpyos6soTZ2Nryiq4qEahNyPjA-JTFU4EA3-RwOhLxo5loF6y-m4YcsSC-2OaVwDHGYT2Uyrnyiflt1EhEdHNOz7bEBdn0eSGM0dbO06JbUgkXfnxgb3KRE96QmZsy_HNKOFSIrZWkuOnZt4owQ1qksG0fN7f9Ne6CsO3O0vA30R7LXzI-OYCR6DzQ9OHK_654om-fFUvuvBw-8Kwd3uERqJBXx0QKgClXqKw-_SAljmjdnbt88AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORowg6tnwFTXgZh8Fanq1VmJmKQhxLgBANSIwyGja36e-Qg0Q%26sig%3DAOD64_1j8IbNHURmDv_EuJ4Apb_Ur-oerg%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-DfZez0W5vkNbdyhgB0AkXsyw7dHB_kiK1zmHqhJx3H3k4zvXgvHEDtXHZ_kzKuQ2aifp7EGZGuxYs7S5DSNDJ4CJRsrwSCBshMxNYGuz1HjIXTWnnK-Kk9yIN_HWLvw-sxgIhxBUZBmn65rIBwKApyDZgoZA%26cry%3D1%26dbm_d%3DAKAmf-CupFV6ottWqmt6iKHWANnNc-1ZiVf0nXBbEDVimTN1JW6srQaIhB6XMXOczRoQKOWGeIq9zCTofC4e42AtDchY8REvc_7lmsGow6If_ngqOSzZd-g-UrbAB4BMIxGbCBrA1dfNJ2hXvpAt9JNIKdKKIqJOQPrsA0yAbBTXNQY6K2nAX41_GchGoea7R3wNFqhVmfeiIjtry5bEl0IRLTfeTfuCVdKrAgNdUS627OurzCXO3th9fU-XhoPNKiblRF8LqtdPCj4Rmr2hFePDWTwD7e8C-FS99VxkI4c3gvLqI9Ky1LlWyxvdnsbD8tLMNSR--FkUDF7wYvdWelaEu9b-Y1cgeCZ5WAJnT5K4MnzG0EdJIIg1Zbdb6AOtZse8gmXTwf-L30xi4QgxpLKLwcCKeTmrhlIBA7wyiY1OEO7EnlRVreyTdgnIlyf1_AHkT2hfq4Vn973LwBYFylhcVjzMMFl6xyW9vXrqVmLnBYzeca3R3qB-sLvPSUuUGlqENjZxWIpeyGuW8Ay6aghytfl-TRSbpvbb2sC7obGDj75psFaQ2as%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=4449684827340&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 24d223d0197b4bb35fd2457d335cd840d00ecbb7746d3464dfee4a9ca141616b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

Date: Wed, 16 Mar 2022 06:47:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 16 Mar 2022 06:47:32 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2103
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 89DB
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71770400030503500710612011900025
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=71770400030503500710612011900025
https://ad-server.eu/wm/pb/native.png

68 B
312 B

151ms
27ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:53:06 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:B908_91EFC182:01BB_62318805_DC7FA19:7DE1
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame D749
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=72482400022588400710612011900012&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72482400022588400710612011900012&actionid=981741&produktid=&dt_url=

0
179 B

138ms
117ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72482400022588400710612011900012&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 16 Mar 2022 07:47:32 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 16 Mar 2022 06:47:32 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72482400022588400710612011900012&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:B908_91EFC182:01BB_62318804_DC7FA04:7DE1
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028

GET
H2 200 / Show response
adv.office-partner.de/ Frame FBCC 930 B
930 B 113ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Wed, 16 Mar 2022 06:47:33 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Wed, 23 Mar 2022 06:47:33 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 051C 1 KB
2 KB 225ms
132ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=72482400022588400710612011900012&js=1&nw=1
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 72dbae5ea7cf4802f48cbc7576b59bbc166f0ffd12bfb67c8d962d89a7f0af21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 051C 1 KB
2 KB 215ms
123ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=72482400022588400710612011900012&nw=1
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 3724543e0e8a60152a42a8c091c2e37e8a3412a8d6c606d1b79d6f30759943da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531 Show response
5994599.fls.doubleclick.net/ Frame 58BF
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531?

391 B
345 B

106ms
59ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531?

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

b04459c2b27ea0aadbe9c2b6eee0a58c02f46b860ca3a7ca6142e0aedb013a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Mar 2022 06:47:33 GMT
expires: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Mar 2022 06:47:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 9560 7 KB
2 KB 47ms
24ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=44d2bf5e18&subid=&uid=dbbe8e4ac9751e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRgNKA4gxYpb1DofH7gOvwJGYDLXN-YNX_Ni5q-UM8C4QASCM-YEaYJXikIKgB8gBCakCz6giEOllsj6oAwGqBNwBT9BJY2dkN88ao2r1S0P-gQYYIrwq9pMJAR63AcqmdNdLk4LtwiNAQLqFX9PyAkWLZyjM0nIJqAo5DtmhPKkxnEQZvDXn-s0NRH7rsDzPG30O2faadn82NyXR0M_qJe9iPcj9nq0VPmLQ-cKFoLLIW_P44hvFKqW6r0xkyvg_u7DrOC11KfLF3FAjuWZhubyBAhI2Fsc6PmKXmx4VIeopvwShzKzpgiPiFUano6_5isVSNCmBDq_CB-58-oJny8M2keQCh7tkwHbO_nFUaYoRwqp3TRclRFYpDCV_cMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORoiBZ6_T6_J17-vGwoSBNn1QAdJCFpjCSykN2Hexuk48Utgg%26sig%3DAOD64_1tz8ZrIUnhS1MQUVEFj9INp8_bbQ%26client%3Dca-pub-4328742155432872%26dbm_c%3DAKAmf-B3iWYwmj1XwwQkJOvIWd9Oj6bBUI1jf7wmulBVoPCR8UlNau9N7v_l511o1X-PATC0wSGw2f7v8JgFu5bIopNjGmM3ZAGZa46QuKB5BQ3fd_JkUQcuVA7LdZrBFWTPidYv_7pWRStym3Mx-8dkbwIfP24kkA%26cry%3D1%26dbm_d%3DAKAmf-CEo-Moi2eEmDRq3tlebZTanzi4b0LnXcPMrboFCJrg6NmxauYm609l-9bCjnemPLeatKoXzzeIrF8Aef4YdhL2UM5Zwm7T99_sC2zqPcL7dnn_h5ZUdtlpeA78cQgTeL-2pAX5M1oSY_-13iWnRP1fhicxFXQTrHfjXy974LyA3zEgVcdgGcbhq-R_VKzj_HEOqYSdAmTFOwyBIPZOdq05LCy1ZhamsxSILmRhVFBiM2uJ6MiSnMOWpaIVBxFK7TbOgL3bMy4G0DnZ07Hv0Av6KkzTIq-CmiT8dXmffZ9yv431by7Q5oLendn89s1bgMSgthb2sdWIrydBbA9IPj2I6v1rrDgEs6nKjaPtlwNs1xZxk1kxjeE0b_5G94Gc5AhxXwGvsrSKMEUPtinAAR5PftrOT3J9ZIifG_4lycAN5OmNt2YEXLJQkel3n31CfIoYaL657pasRdZylHkLfBGS2OcVy1FEAYcpD5DKfVIcdFCkHe9BKxJy-GyVleS61VHsaN4tcpb9efreJBKvDOr9OMLBwxMFRb3V8YOndiGVgIKLhqQ%26adurl%3D&documentReferer=https%3A%2F%2Ftinhte.vn%2F&ancestorOrigins=https%3A%2F%2Ftinhte.vn&random=3807544422330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: d9b8a32e1c8ddf74e7269b9b334e774b45119c87252cdcaf9e34917eef7c2fb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 16 Mar 2022 06:47:33 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2113
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 051C
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72482400022588400710612011900012
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72482400022588400710612011900012
https://ad-server.eu/wm/pb/native.png

68 B
312 B

157ms
33ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:53:06 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:B900_91EFC182:01BB_62318805_D963975:F725
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7E8A 2 KB
2 KB 16ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 16 Mar 2022 06:47:32 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Wed, 16 Mar 2022 07:47:32 GMT
cache-control: public, max-age=3600
last-modified: Wed, 06 May 2020 15:09:30 GMT
age: 1640054
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTi7n08sijyKOUHeR44tbpj3sgEd2q7eYzrBp%2BaWd7ZGOWl5LVGTQcvuYTh12sFjqMiS9SGRtIprs%2FeJdKoQrPFQlFJRTpU0QoOUv5y%2FO4WJ7dTG3dQ3%2FnxLA20BZEMTPFyO68o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ecb89bf1af18fe6-FRA
content-encoding: br

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1B0F 236 KB
63 KB 78ms
16ms Script
text/javascript 2a02:26f0:f7::5c7b:e051
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7660565476681256380/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e051 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:02:33 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/7660565476681256380/ Frame 1B0F 50 KB
7 KB 42ms
42ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7660565476681256380/index.js?1643623552606

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7660565476681256380/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

050104f4133404fdc6fedbaf4f93329faa2bec4ae2a72fc03a802158ee81c074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7660565476681256380/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7422
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 14:31:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 09:31:36 GMT

GET
H2

200

mapid
lg1.logging.admicro.vn/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adqjgml&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adqjgml&ttd_tpi=1
https://lg1.logging.admicro.vn/mapid?src=admttd&uid=674df52f-73e4-45b2-9905-bfb64b7ee98d

35 B
225 B

217ms
216ms

Image
image/gif

123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/mapid?src=admttd&uid=674df52f-73e4-45b2-9905-bfb64b7ee98d
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://lg1.logging.admicro.vn/mapid?src=admttd&uid=674df52f-73e4-45b2-9905-bfb64b7ee98d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 207

GET
H2 200 mapid
lg1.logging.admicro.vn/ 35 B
225 B 216ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/mapid?src=admssp&uid=tinhte.vn_774e265a7903b2f677dad103aacd5a10_&m=0
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H2 200 ssp
lg1.logging.admicro.vn/ 35 B
467 B 216ms
216ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ssp?td=0&ec=204&t=mb&oid=sspid_2018950
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
content-length: 35
content-type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F696 1 KB
752 B 40ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62481
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 89DB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4a3bc6e4ac3190d81b7dbaa239f372bf997fbd43b7fb1979b9a20ced137ac46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B6EA 1 KB
752 B 43ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62481
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 051C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e056f74a1af444d057bf3f1e09dcfc5d2529307fefbc0f66ecad9509c9f5a4e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adm-tracking.js Show response
adi.admicro.vn/adt/cpc/tvcads/files/js/core/ 2 KB
978 B 237ms
237ms Script
application/javascript 123.30.242.13
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/files/js/core/adm-tracking.js?v=0.41265228615964866

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 249.b924d751680d3099fe227f948bab337a /

Resource Hash

0f0fb4b01ebe72db6ad4251b31d6849c51c5423ec62042a77923c876b0341d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 05 Mar 2022 10:43:27 GMT
server: VCCloud CDN / 249.b924d751680d3099fe227f948bab337a
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 92cdf2a69e890fbcbdf1affdea54190e098e21f97fa007db7244655a0d9ee5a5.jpg
qc-static.coccoc.com/a-images/92c/df2/ Frame CA7E 66 KB
67 KB 3413ms
433ms Image
image/jpeg 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qc-static.coccoc.com/a-images/92c/df2/92cdf2a69e890fbcbdf1affdea54190e098e21f97fa007db7244655a0d9ee5a5.jpg
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=1cf562a1-1da8-49f7-af15-3c25938ba3d7&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 92cdf2a69e890fbcbdf1affdea54190e098e21f97fa007db7244655a0d9ee5a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 16 Mar 2022 06:47:36 GMT
last-modified: Tue, 01 Mar 2022 03:08:26 GMT
server: nginx
etag: "621d8e2a-10947"
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=25200
accept-ranges: bytes
content-length: 67911
x-cached: HIT
expires: Wed, 16 Mar 2022 13:47:36 GMT

GET
H2 200 event
ssp.qc.coccoc.com/ Frame CA7E 0
43 B 219ms
218ms Image
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.qc.coccoc.com/event?data=_0prS50vfHtCQgHuUfGZcB6HlyyNwdCrRrtJD7yBT8OdEuADJo9-yIAQQ48H4-GeCiZzSFNa4pxsinNbzZGBatlVyxNhrBpmNeX1Up3ae4MYtWrLlZaHPb3SxG11HzZHYDOb6r1fMk0uJwrgCg8tfK6hOR98QLQ35S0*Qt2KIggq0OqG3fw6H1Pqt00WjU*L58-0I1WfVe*w*iQnuo2cCu7IuobPc7GkDDBlBHnCt*IpMdtfaQHgBuc1XHZr6fuMsmX*Cu9hwZLEaYBfQskmNMRcNF6iIjLr9-SEoiakgdcAH-sLP*S4EgCs13nvn7iGhxZPtdXmTuwhBQC5zy26cEi-mVM1*jJgc-EgwExbvpSBrIiuv-7gQifcZ5HyfIsjkiNn8T0nDkH-hxl5oAREOoUBupPHlpHhLL3MNbjBVcFTFpyePShgqIYaBCBzNnr8o*YJ3IIDFKLDN4pEGke5iw-puMDjRWhLO2gBQ3ublXK2BzCRMzupwKVFfNDDoFhRigDgZnBmlPOvNgTbGkGC4ZBGzcq*Ug7WefbII6UxIVrVkk8aCZU6POlLfFeSwcpApW-y95YGn5zxQ6wtsuV2KgnbzWLZcKyKUuasQJ8o7PppfB0Lv612A3JsOnNxkq9-Dvu7PtQoIu4l1btsav9wZjEBj4W31V74a*KPhkvkCXCVqUt7ktcBqvQr8.&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=1cf562a1-1da8-49f7-af15-3c25938ba3d7&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-length: 0
server: nginx

GET
H2 200 show
display.qc.coccoc.com/ Frame CA7E 0
91 B 1236ms
440ms Image
image/gif 123.30.175.43
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://display.qc.coccoc.com/show?show=_0WrW50vdareQwPpoHGezJMzlNhJZWq7AVa9iSktjb0YdVYzziIcZTqiqE0HMnDCu3Kb3IaE4W9QeFcW7mJ*-DKRAzRK9BhPEICgO6TVzXqXe-vFJBwyPmmreZVMwKmqxu41X5h-BFvutFgPmQ6oDPkOFWdZXLXUDscyjYrQAaKrNI8*tHE2Fc08hSWyQM1*lMdPIjTz*RwTAij9dv1FnvF7iBEIJgIroRFg4oIGLl3mzMuliojHOiq33R18urDtUUd-9LXuwZxRe*zEB9iadjLtynm82MhdxqXN*RksmWbjvc-RMLaEVPTe-g0cNoUXkhbRgWIGJN*if7yf9ImYMxMXr1B6CreLWsXVPsgM6T6s7VS4RtmFEo65-tY1bCrY3MVr14ub5wtYPF7pWlwczAL-ks10HdqTMXfDgT4SCTmO1VkQtgI33fBj62lJe2UCoR2*nBViT8x4OfZP-cnBs0EzwrOkbxpAF1ChAmhHgBqmNB2VYqC*L6ZBAxpyncY7*O1iSn5djKNxQ3rp4A1-b8BW0Qf-VqxHlaJPrYgA3J73hxoNjzvYnbrB3F4svHMAaTfsPMKfFZPtGe354z9A0sxlfl8rjyP9mTl3*5GG0M&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Requested by: Host: qccoccocmedia.vn
URL: https://qccoccocmedia.vn/get_adm?id=1cf562a1-1da8-49f7-af15-3c25938ba3d7&reqid=7196d993-a10b-4e77-b386-ceb5971b5180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.30.175.43 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qccoccocmedia.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache
server: nginx
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame CA7E 461 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e64a159c0ffe87b8a2d15ee3891c49c2705a0f898d9adcd865ffbc57163ba46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

passback_300x600.js Show response
static.adsafeprotected.com/ Frame 05DE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/949432/60827839/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-4328742155432872&ias_chanId=1&ias_placementId=16184950690&bidurl=https://tinhte.vn/th...
https://static.adsafeprotected.com/passback_300x600.js

3 KB
2 KB

18ms
18ms

Script
application/javascript

2600:9000:225f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x600.js
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:225f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH
content-encoding: gzip
etag: W/"439e58c5a30158dbdc47481bb170410a"
age: 210648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
date: Sun, 13 Mar 2022 20:16:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: cgYk1-YYsUTf340Obr0SPTjplho2c6GUzkfRf5M6-VXq7Vc4mcgkPA==

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_300x600.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E9D9 80 KB
21 KB 19ms
19ms Script
application/javascript 2600:9000:225f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 2479770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P2
content-type: application/javascript
x-amz-cf-id: zojICbzKPFojtXnzwJd2DxuoziRStJnwGuYQl8AHAVai5tkc-DhYmA==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F41 42 B
64 B 117ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVzEh_ifEwWuqvL0n0kc9LzSjZUyODNs_0GBCDOczoaIvizg--l8nGu9y5u1QudHKJupwnhXASaO7jWUKF2caMdwIhZYqS4WTxVRL9azNp8HJyTKQSGQ&sai=AMfl-YRDodpclPdo720iw-Jb1rofANCkfGHMSSj_VWxyfPCWh0rfk_pV0U2YFWEORy19uwAWxpo7PmTjry78z3WAgCZk2UAEEZqyy70JITxtgCYKpE5rkcj7zEJ8n38&sig=Cg0ArKJSzI1iXCEZJ8csEAE&cid=CAASJORoMGaJBVyMoDwsublm2_s-AY0kKKKJ_l3-Pct-30lCAYit8Q&id=lidar2&mcvt=1124&p=254,1046,504,1346&mtos=1124,1124,1124,1124,1124&tos=1124,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2492448454&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647413251680&rpt=355&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js Show response
pagead2.googlesyndication.com/bg/ Frame EB2E 35 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3a5894e71628ced83517280f213abe0328eb324f06a6d0cb2886f7501f231c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 20:53:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DC0A 1 KB
419 B 101ms
53ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 06:47:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 06:47:33 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DC0A 16 KB
16 KB 34ms
12ms Image
image/png 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: df6d923e4ef94af0593fa6fc67c3f269945c259dae8ad1a9843de972aff9a2d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DC0A 16 KB
16 KB 39ms
12ms Image
image/png 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52085/creativesup/affiliate-panini-harry-potter-banner-1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b7c6c98c959cfa75a37af0886b1c71f9ab43fe7576939377defeacfeb7719da1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15971
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DC0A 16 KB
16 KB 38ms
12ms Image
image/png 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 17527ef4ac81e67813b3299e5a221f1dc6dff9c1bb268289f2b735d425259f30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16530
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 05DE 43 B
215 B 348ms
102ms Image
image/gif 34.237.61.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=4b00390f-7086-fac9-28a0-5e3b9da871d4&tv=%7Bc:70luPU,pingTime:-3,time:870,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:764%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:870,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:764,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B133~0%5D,as:%5B133~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0dY7o0+11%7C12%7C13%7C141%7C15%7C16%7C171%7C1721%7C173%7C181%7C1821%7C183%7C184%7C185%7C186%7C187%7C191%7C1921%7C193%7C194%7C195%7C196%7C197%7C1a*.949432-60827839%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b2%7C1c1%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.61.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-61-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 05DE 43 B
215 B 346ms
102ms Image
image/gif 34.237.61.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=4b00390f-7086-fac9-28a0-5e3b9da871d4&tv=%7Bc:70luPV,pingTime:-6,time:871,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:871,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:764,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0dY7o0+11%7C12%7C13%7C141%7C15%7C16%7C171%7C1721%7C173%7C181%7C1821%7C183%7C184%7C185%7C186%7C187%7C191%7C1921%7C193%7C194%7C195%7C196%7C197%7C1a*.949432-60827839%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b2%7C1c1%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:tinhte.vn*&br=c
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.61.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-61-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 css
fonts.googleapis.com/ Frame 9560 1 KB
419 B 74ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 05:08:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 06:47:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 06:47:33 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9560 16 KB
16 KB 40ms
12ms Image
image/png 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: df6d923e4ef94af0593fa6fc67c3f269945c259dae8ad1a9843de972aff9a2d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9560 15 KB
15 KB 40ms
14ms Image
image/png 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-star-wars-marvel-comics-panini-banner-1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a10a30fe77c1783f28469cc79ebf3ed5ec719650e3cb5674967e3ea419107547

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15275
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9560 16 KB
16 KB 40ms
15ms Image
image/png 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 17527ef4ac81e67813b3299e5a221f1dc6dff9c1bb268289f2b735d425259f30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16530
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 05DE 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMVPJ-OoofLE_Xs6sOe8B2mhm6Y3NlIyQNiqARAMC_oCmAzaeyEk_-dqhxbYb_E4FehdwwLuqIqfMxfrYzW7dYPbitk9_DP58xzBcSeuk3YvmEuR2kdg&sai=AMfl-YTE5dUuhS17LOWGBNvFd_dlpp1OjaEoohaQ0q4hhUrWPKLzJLEiaEKx7vv3VVGG-TZ0gH5ICqOMfqjreqVH3gIaEv0YT_Zoj_rhcdukS9lfsMPjWhA1H1v_Rw0&sig=Cg0ArKJSzAk8p_Nb07JJEAE&cid=CAASJORotL_EHzQYBP6l8bKN7Zcrn-QOiOBKzaZsahSIksGyFprZBw&id=lidar2&mcvt=1076&p=620,1046,1220,1346&mtos=377,1076,1076,1076,1076&tos=377,699,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2661219764&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647413251809&rpt=345&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 postscribe.min.js Show response
adi.admicro.vn/adt/banners/nam2015/3043/postscribe/ 17 KB
6 KB 220ms
219ms Script
application/javascript 123.30.242.13
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/banners/nam2015/3043/postscribe/postscribe.min.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/mb_core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 249.cad9e3e113f388d558f485d40a589553 /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Oct 2021 04:29:28 GMT
server: VCCloud CDN / 249.cad9e3e113f388d558f485d40a589553
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 05DE 43 B
216 B 277ms
101ms Image
image/gif 34.237.61.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=4b00390f-7086-fac9-28a0-5e3b9da871d4&tv=%7Bc:70luR3,pingTime:-2,time:941,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:571,beZ:572,mfA:1305,cmA:1306,inA:1306,inZ:1310,prA:1310,prZ:1331,si:1336,poA:1337,poZ:1351,cmZ:1351,mfZ:1351,loA:1442,loZ:1444,ltA:1511,ltZ:1511%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:764%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:941,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:764,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B204~0%5D,as:%5B204~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0dY7o0+11%7C12%7C13%7C141%7C15%7C16%7C171%7C1721%7C173%7C181%7C1821%7C183%7C184%7C185%7C186%7C187%7C191%7C1921%7C193%7C194%7C195%7C196%7C197%7C1a*.949432-60827839%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b2%7C1c1%7C1d%7C1e%7C1f,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:174,readyFired:true%7D&br=c
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.61.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-61-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame E137 82 KB
32 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91908bea2f90521f73741cb769af1e3f96455e4f92a5a053bfba21c697269bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32656
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 06:47:33 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame FBCC 82 KB
32 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91908bea2f90521f73741cb769af1e3f96455e4f92a5a053bfba21c697269bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32656
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 06:47:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2090 0
22 B 73ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BySWnA4gxYunhDs2dgQfhyJpoAAAAADgB4AQC&bg=!jY6ljsrNAAZgliNcYJY7ACkAdvg8WjsqGeDFNR3jmxdZ3AMyaxBUuIPynntJdaYG2693WqCbFNErvQIAAARZUgAAAAFoAQeZAyNr_bkJF3ZqctCEt3mNnDm67T6STgLOIaVCCwE061XoHpFmkY-cXxJdfcBYFeJHs9y5SANdsep290cKdwAT5me_4XDtJkA5-U22AedERwdI2oXqksMITFhJ9lRKruHATjq_cPEzwC7Jr-LxI-7_7khyjj2-VZdUgKmCRPDyJLzZavTk8rglOQQUHLlm4ACcrbuQ6XZffDFFWD0MMf5MLidSOlNDbUEbV_6tvLtIuFRmHDDnkU7oljPw_zH70D5MVfGcisl9GRQF5Amih-NGl24wm6RD5FPyNIY-mVCv0e9aMYxoNtC-iVBkGo8u8GvvgBk2eqxh3HSYAn3LQI_pppa_W12x9wNphZEqGdZTG8pw8K1J6OC0QAyRvSiaYg27OeD3bWRZ94FtAw2O4pTquTEZFLL3u-dFhlovtd8iWynPvRL2_Mz-zrG3X_WrIINn8UpHlqlihAV0MoN7Z3tnGoTHbcB6IxMUDK6X2u2MgHdM7lYnvf199JDJTP0m_ZCYhTV0jgXtzIsToGmjIr65s4dhk9ejoKjUInPb4jcQ5D-rLvoYFFTFCALaz0qFtMHZKu3lXuYKFvDn6qxYQco2prASAfGmcvYmzHGiFwAZRmSZV3Y12ar_VIMX6FMwp5SQqgFILdoGVYdg27nS5XfvGXLzjUm9A9UCr-OgSwpHUX9Rd_66SWEvJ69G7la_chG7MEAHAa5Q_qs1iGVJAwlkkRLJMUS86cmfx04-5F6UKIpjoawyOpHm7_khJJEhQbHODtEAebAzcCTEt7s1bPUT2OIFy9-bAFndQTIZbxLIYZMeV-I_Zh0P6DlTLOZ0oiaTBR6wqO9b6409pOPE_loamH8YFJk4IxOHzd4kvms48bMJ7J9X3V2zeMSdszYRq3FjtbyMwZQH_nTIvfj-Qf12wTNopvs3outsG0d2FEGgUZOGYsjRs0EQTuRmr9r-2PfDFQEVlFFm6ukDxa4-4MtmDpnhkyF7RlGcFXIC_MKCRnKzFLHPeqtIXUpB3PVm_875EZVkH5AAg9QyGPl4c8DQiRrg_aevDS10kizvwWQdfZ2RMAsW4Q

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683
adservice.google.com/ddm/fls/z/ Frame 58A7 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLuz_c2EyvYCFTFFHQkdJaUNLQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8513424182466.683?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531
adservice.google.com/ddm/fls/z/ Frame 58BF 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPK1_c2EyvYCFa1FHQkdMcIBiQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5344401744805.531?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F696
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPI4MdwywQm9vpxk7cm5fVO8SNPWOYqZ5FkeTyFcXZcrV8o85JZbLI...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4MdwywQm9vpxk7cm5fVO8SNPWOYqZ5FkeTyFcXZcrV8o85JZbLI91W2f3N8Kaw19sG5wT0OFtaQDU_kez0hhZz94vduT8&google_hm=sPSXW8dUTcOf...

170 B
188 B

55ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4MdwywQm9vpxk7cm5fVO8SNPWOYqZ5FkeTyFcXZcrV8o85JZbLI91W2f3N8Kaw19sG5wT0OFtaQDU_kez0hhZz94vduT8&google_hm=sPSXW8dUTcOfp6QejnxeRw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4MdwywQm9vpxk7cm5fVO8SNPWOYqZ5FkeTyFcXZcrV8o85JZbLI91W2f3N8Kaw19sG5wT0OFtaQDU_kez0hhZz94vduT8&google_hm=sPSXW8dUTcOfp6QejnxeRw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F696
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI38x-x...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPI38x-x6BPbkCDqIxHLVpQ9z6He_x8uVjTn7Mk8dfS0P0ZRTK-F0tpjOp4l2zUkzk...

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPI38x-x6BPbkCDqIxHLVpQ9z6He_x8uVjTn7Mk8dfS0P0ZRTK-F0tpjOp4l2zUkzkRtQITFMpG3zw7Y3KF694fAHFK41-gD

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPI38x-x6BPbkCDqIxHLVpQ9z6He_x8uVjTn7Mk8dfS0P0ZRTK-F0tpjOp4l2zUkzkRtQITFMpG3zw7Y3KF694fAHFK41-gD
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 16 Mar 2022 06:47:33 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame F696 43 B
64 B 29ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF14d40uxADgBJTWbbOPBSs&google_cver=1&google_push=AYg5qPKKuqIDkbD6dxlSmWJl40S2Qcbw4_lIY1cdxcNdG3P0nys0VAOOz-8nK76ygynS6ubLyPQ304CHUvWruXC4YX6e7PfF8p4
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: uaj8em4f3916bnd9saj707gi9j9gjf4n

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F696
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

58ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITacn5zjMZtNpONjiW1C5ZZrmpveK1jx84L4yGC-IgxeXuNuHgr-sk30PK8h3sEWmaVVkG2koEUTout0Vix08e176y1_wE

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITacn5zjMZtNpONjiW1C5ZZrmpveK1jx84L4yGC-IgxeXuNuHgr-sk30PK8h3sEWmaVVkG2koEUTout0Vix08e176y1_wE
date: Wed, 16 Mar 2022 06:47:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F696
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPIrd6LOxzNaKt8ETo-1OPRKQYD9Xd-LLmXUprrUFGOPEReJ7bn_rQdZiBgbZcCZYkgvtEp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JET0MtVi1GVlc3&google_push=AYg5qPIrd6LOxzNaKt8ETo-1OPRKQYD9Xd-LLmXUprrUFGOPEReJ7bn_rQdZiBgbZcCZYkgvtEpXfsRxmdoI36oTo5HjJfWGZg9p

170 B
188 B

56ms
53ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JET0MtVi1GVlc3&google_push=AYg5qPIrd6LOxzNaKt8ETo-1OPRKQYD9Xd-LLmXUprrUFGOPEReJ7bn_rQdZiBgbZcCZYkgvtEpXfsRxmdoI36oTo5HjJfWGZg9p

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JET0MtVi1GVlc3&google_push=AYg5qPIrd6LOxzNaKt8ETo-1OPRKQYD9Xd-LLmXUprrUFGOPEReJ7bn_rQdZiBgbZcCZYkgvtEpXfsRxmdoI36oTo5HjJfWGZg9p
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame F696
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhR...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F696
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMa2SJ9Puev5L0dsrxNy5EU&google_cver=1&google_push=AYg5qPJBCJP7yA0EwjfG3YndakQa8LWByi-Wtt4gOkNER1xGm52l5cl6ym7fpMYpvLgO2MifitZec68n2SVm2nUhz1SgPz4...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJBCJP7yA0EwjfG3YndakQa8LWByi-Wtt4gOkNER1xGm52l5cl6ym7fpMYpvLgO2MifitZec68n2SVm2nUhz1SgPz4W4Wg&google_hm=XSh_YfA4RGmvPveLS...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJBCJP7yA0EwjfG3YndakQa8LWByi-Wtt4gOkNER1xGm52l5cl6ym7fpMYpvLgO2MifitZec68n2SVm2nUhz1SgPz4W4Wg&google_hm=XSh_YfA4RGmvPveLSidiLw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJBCJP7yA0EwjfG3YndakQa8LWByi-Wtt4gOkNER1xGm52l5cl6ym7fpMYpvLgO2MifitZec68n2SVm2nUhz1SgPz4W4Wg&google_hm=XSh_YfA4RGmvPveLSidiLw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: no-cache
content-length: 0
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F696 0
12 B 48ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LX74TVusVu4y22cjFk90XPtNbEl5ij2GmP8euhlwwDoqqmx3CBVrWhTUn3fLW4hara1DFw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index_atlas_1.png
s0.2mdn.net/sadbundle/7660565476681256380/images/ Frame 1B0F 356 KB
356 KB 45ms
41ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7660565476681256380/images/index_atlas_1.png?1643623552569

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98d199db60e8345aff777954a118cb8a2952043a6208dece67f848c73390a5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7660565476681256380/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 21:05:54 GMT
x-content-type-options: nosniff
age: 121299
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 364582
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 14:31:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Mar 2023 21:05:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 05DE 0
23 B 27ms
26ms Ping
image/gif 142.250.179.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvutske4gMYDp5WWonsTcjMU_WTdtcqqfdGyVQY1d_Ge8IL-zisHjhzKV52bI7KosqmQdoJNpbzrOVQt9E39mcZT6r-at6BbWrhTarmEczSw83Gwsi2uB14l0XVAR9VIWBTv-yAaKcBuvVzr1PvrOxQr3KpWPshxUg8lZm1QjPu9uxMGrFxWngs2zZdbXCQnGWiWBHynQUvLg122oZZ-bR8DpSxgGPxWK3vJPlpdEslglsYqqKiqPhXzWybdRocGC2FHvbYIh8NZd3F20XyTUT9aHXOxgVlaw6tMKGrY0YIDXExgFP8uZ2iaznqUXoBzTdQXl91E_5hyM9gmMVXGPsWqY8JgEsr3W2KHmkLcCqOV0YPvvqJAUOsAkF6_lnl8d3dliy8vOO5NfW6UXUHSUWj4IRHSOZx9T7TfdW5uuqsxPTVHGMx7tOMf_lMc7pEPCXTyudv94Q8v3Z2kfqTKRmeAZTTxpWAwObu_fxXKmvYs5YxABKmbKvCw2vPzfbeZLNM4srrykasdJ1XKloY_xfkZLvuux5Bo3iKMrG2Henfu7BqoNiWmqP7PLCSC7Cf14nxjy3tGlys1d5DdD-JYjlCB0d2MYK1EuGRE6147NwTTiS8kNm-r_4IRhncKKX9mHeiNSnx1Nv8f0IATVjBY7RqC8AU5egem38cPTH4VuArfLfuZOIoOfOrt22L8mClhKRvaZl0DVoKF0ieLaKRCC2qDkFHz-10-yvVncpq1qYqGjgzhiQbHFz4gFMR04gg8wBiMRpYD8bdUu7ZQo4AMYECWNb2RGXzq6GObfoNyRTCaGopS6HfsxjSvojPdwSZhjd-_OtlWzwmYIJycwi4-BI2J6Jqa1qeXKvoN9Sh44X5En8r8jyoK01YYWHi5HRe0r3l3UD09gZazn5BMvY-p9pJZY41CcZXOQqIHpR_h1nv7LuuK3VM8BnEqH3hVLBGwSyHNLRrAkP1iv4ljjkeg2W1zJkuWpvSYwcxdOkmQC7WVwdJkggUjWsmNhXZXemWtrFaQTJbCiaQ7Vxg3iMbCETby92KhZFi2hK5uuqRml6pdqmmi0Mxkk28JDkGgutdMIlb2cj8xmhJdxuJrzV3x68e-HYGWkqh6dI4G0pBugSiSObhz0XSU0rnellrcPkDzRI5qDvzxonC4oumdL4&sai=AMfl-YSMB5CqOXYIxV4zgR9Yh6vpWLZ0RukzIpT227a2nEHRFND7PEgOLS3MQI_9jPVvf1armEg1sAH6TV5s8uPlkQIxccnjqXzIHIXxS8qNgZDNZjH4JyBHG8lDd71SzD-hNYTBRuImyvXgU-xGM09x_PTD9ujkCsq2RD0A6IEVCNXQXTUEjAwzc3ob4Rjm00aXEYRtLLh3qXaCx4CQR7Ljiw&sig=Cg0ArKJSzD8ChEon_upCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1333&vt=11&dtpt=1020&dett=3&cstd=309&cisv=r20220314.19438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 89DB 51 KB
51 KB 48ms
7ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432265&wgcampaignid=99582&js=1&nw=1&viewref=71770400030503500710612011900025
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 6867
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 16 Mar 2022 04:53:06 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: qfcrXNZippYjrE0nL--FSXlNGANWhoZ4PmjAM1CDQhrolUA3786emg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 89DB 667 B
1 KB 69ms
26ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=87782100024086600951393011900003&wglinkid=3432265
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 667
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 051C 51 KB
51 KB 59ms
19ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=72482400022588400710612011900012&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 6867
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 16 Mar 2022 04:53:06 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: Wgz0q7k1jI76autd-UT5WErbxPSuSa3FKXabUb2vQrz-CgG29VDILg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 051C 3 KB
3 KB 70ms
26ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=64571700022322200710680011900005&wglinkid=2513145
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 051C 667 B
1 KB 69ms
25ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=51170800023344800710744011900002&wglinkid=3432245
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 667
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6EA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKnxvEJ8FtDiM-VA1mW13Gg&google_cver=1&google_push=AYg5qPI4y6KNXZLfmQh9Hfh0uuGjXUz0NAgZ80-vOMPzeQlbkx6qH6-IWX...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4y6KNXZLfmQh9Hfh0uuGjXUz0NAgZ80-vOMPzeQlbkx6qH6-IWXBTOhs9bbTzWqMOy9QGSVnuq6f9u-zN2p7O1MZyAFo&google_hm=sPSXW8dUTcOfp...

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4y6KNXZLfmQh9Hfh0uuGjXUz0NAgZ80-vOMPzeQlbkx6qH6-IWXBTOhs9bbTzWqMOy9QGSVnuq6f9u-zN2p7O1MZyAFo&google_hm=sPSXW8dUTcOfp6QejnxeRw

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI4y6KNXZLfmQh9Hfh0uuGjXUz0NAgZ80-vOMPzeQlbkx6qH6-IWXBTOhs9bbTzWqMOy9QGSVnuq6f9u-zN2p7O1MZyAFo&google_hm=sPSXW8dUTcOfp6QejnxeRw
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame B6EA 42 B
318 B 25ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI6GYCAeZHZ05GO9KgKac1X6mF8fmjXFXIUSiIRfWthAWXK0da5pBacJd-xRHZdBK32L-5vHrUK9ED4AM7w2ZyUqmoyTq4&google_gid=CAESEOP-Mfm8mFbX6dJNXhfGgrQ&google_cver=1
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6EA
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKUgom3...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPKUgom3B2nwM7y6-TW2aHviAUyKjrNH3lRPbhK9QLTbwaRer6BhKObTfd-zTh4rGZ...

170 B
188 B

75ms
74ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPKUgom3B2nwM7y6-TW2aHviAUyKjrNH3lRPbhK9QLTbwaRer6BhKObTfd-zTh4rGZyQ6JEDa4adFcQ5n9u2ttiT4OjqHis

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMTYwNjQ3MzEwMDAxMzMyNzY2MjY2Mw%3D%3D&google_push=AYg5qPKUgom3B2nwM7y6-TW2aHviAUyKjrNH3lRPbhK9QLTbwaRer6BhKObTfd-zTh4rGZyQ6JEDa4adFcQ5n9u2ttiT4OjqHis
pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 16 Mar 2022 06:47:33 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame B6EA 43 B
64 B 28ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF14d40uxADgBJTWbbOPBSs&google_cver=1&google_push=AYg5qPLzOvyfMnGDZ-7Ty9VRmfoq6lXkpsumdsu3I64UdmtvpyTwc51W-Su9jldLYVR4KYEgAFQ1jvxiBZrN7WIY8EEceN24Zxc
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2bhlc2e08cga6088sok71od0mhouhkq0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6EA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

56ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLixTHFJh3syr-dXe5bm8xQsIJm6rb3gQprhD6kReCYlB4K7BqGt9b1gPo1c-O-FvzLt-fq25bD5syLgM4NmYEfe9Zjv9M

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLixTHFJh3syr-dXe5bm8xQsIJm6rb3gQprhD6kReCYlB4K7BqGt9b1gPo1c-O-FvzLt-fq25bD5syLgM4NmYEfe9Zjv9M
date: Wed, 16 Mar 2022 06:47:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6EA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA5WN69DkXgkope8Ki-glkI&google_cver=1&google_push=AYg5qPK6QsYb7IFULPnDX-RW2JV_12W8A1uIoO1qwIbRaSmbIPGBm16Top7lwxvAMXQ25Mg8TjU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JEUEctUi1EWFpa&google_push=AYg5qPK6QsYb7IFULPnDX-RW2JV_12W8A1uIoO1qwIbRaSmbIPGBm16Top7lwxvAMXQ25Mg8TjUjERTP6_vX7Xt05uIwO_VtioA

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JEUEctUi1EWFpa&google_push=AYg5qPK6QsYb7IFULPnDX-RW2JV_12W8A1uIoO1qwIbRaSmbIPGBm16Top7lwxvAMXQ25Mg8TjUjERTP6_vX7Xt05uIwO_VtioA

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBUN0JEUEctUi1EWFpa&google_push=AYg5qPK6QsYb7IFULPnDX-RW2JV_12W8A1uIoO1qwIbRaSmbIPGBm16Top7lwxvAMXQ25Mg8TjUjERTP6_vX7Xt05uIwO_VtioA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame B6EA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B6EA 0
12 B 52ms
52ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUe5YxGHEttl1K2LAs789v27ygTLr2DAcxZLVMvhiLVsdeNkIQVvOKJUXstXfbnWf_6P0L

Requested by

Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 89DB 3 KB
3 KB 77ms
27ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=74517900021673400951435011900012&wglinkid=2513145
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 9560 0
150 B 43ms
12ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=72482400022588400710612011900012&a=cb648a08&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=72482400022588400710612011900012&a=56e326cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 IAS_PassbackAds_300x600.png
static.adsafeprotected.com/ Frame 05DE 34 KB
34 KB 25ms
25ms Image
image/png 2600:9000:225f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png
Requested by: Host: 6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
URL: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK
via: 1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
etag: "26e2b461771f6fb855141aa77c859584"
age: 36631
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34357
last-modified: Fri, 18 Feb 2022 23:29:00 GMT
server: AmazonS3
date: Tue, 15 Mar 2022 20:37:04 GMT
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: 2wABwxU22r5ewhfFsuwnfBNsd0MHD6uZ_tzqVwKlAZplX3wwsx3qqw==

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame DC0A 0
150 B 42ms
13ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=71770400030503500710612011900025&a=c566d90c&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=71770400030503500710612011900025&a=720163e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 200 rs Show response
ad4m.at/ Frame FC69 2 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45938bf50a75bc2a012afbd642eea832c2b933114d546ceb4a505c8d062fc551

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6ecb89c2fcfa9277-FRA
date: Wed, 16 Mar 2022 06:47:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A3TYJGG6BOjsqJDvQPEgEW%2B3U2TzjcuvIQPNhSqN%2FGs%2FGANxhUI68Isz8bEcrA1yQCES4rtoa5H2fh7HGCXwnyQANjD5HOl7vFswv0lAXbTK8Rt9SMdVGg8PSisV7SFKt2Vo7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bjhb

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 60ms
42ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bjhb
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rISeMrQfOubLnf86FqhmAdTx68RXLgDmnBShsQEmjbDtBr14DDr211eANvugYVPdyYqNqXwt4zpTx6Hl%2BIgLsrfCyCzrjWGnFmKo5n%2FB%2BryQ7%2FY%2BFcjllhzyvHfKj28pvtnJDlA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ecb89c2acac9277-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79CF 0
22 B 64ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS7yDA4gxYtz6M-LP7_UP56CRsAoAAAAAOAHgBAI&bg=!qaqlqu7NAAZgliNcYJY7ACkAdvg8WjEobhUIvVCFU1zokwIOmER5RCEgg-XtPqGMJD-OKyMpX83wwgIAAARIUgAAAAJoAQeZAw8MDyd-RK66eYDy923B41-iOU-NWpVpKL_sxk1hUOM_WkeMNGp-nOm-ljgSQMt9U-PAWRQsDKzrlGEZKGYRpxusX-G1efK76-HjQGh70Ppvr2tyGEgmWnWTtoIB2fG_URoYa90Zik9jz2-7HWodQi_HIi-CARhUq8KVAqVt1Y-TjgMXga92xKhYfwQJYstjKrlTZaIWus7zSdhMosul3hAZ_aN1EF6m6an6raFTR7Jdi_UcFJplmPjnPCTy5rKuRJLAnucmb3YFuJtkii3ZKDP9ECTNZSBlE5HISKmbipGn6FKjSQBFNpIfA1UU334JyZOa1Ihqqy5hj484k8jSffzDon7AHgcajHwlfjTqCywmmLJtJTtFm22-fWQm9dFHMk93zf0y1McTU2ZEEMZsMzgy34zGgj-IYbu0VOuJoSgZ9VWBc1MBHDN72thhJe0Wl-20Tbq2C0N5AVj5rWJm8qK-ItSCziqRhSaHZedHudQz_OEBviIhmW7hAqimW4QZcuFQ21XRNR-T5kKLf6-Eb7q-eOgdCn-ulH8TYMNUwuw5lvWMB5tdLQ5KjcHgtf3s8chXt5HbiPlyFCQFP7Qhq-_1sat5HnVmuYdCq8001vEcuanSvzqpU7MdZRMAxGcEtQsIxJClTLHk_Z5VRswEIWqSHvz9CaxaonfpgBtRjzKNRJId6n95phWx5nq-G1cLZTcAAOpiCFDy62aGx7x0TJg_c2ffR2Aw4M22CvYel_XG2q3eHae08qNGAf5Pl9ASeR7SNSkl2L1J7lkMc2HMATYkv7Ht4wg1yvw3s0X179cLDJyr6oKYP0qfAPBHt610UR5jRBiDtvmL9UYI3dcAjiCam8sRc4zmJvFT_0Qzy4O9evX_AFbWSVED4rWirWMyRBbwLeAVoTUkWivgb8ERpdMh_RedWon8EJPmK3ELmCyBe2l7OqH7aG8g6oqiMSAjOOrEdo2rcKNiknW8BxyHF0ydUwJLpYq34gdQJNVTa2hq2rgcGf2CeO4M1hifLZAI8RN5qlBK2WhGutwJlRhRFbU

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47A3 0
22 B 63ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJjvdA4gxYunFMvPH7_UPp_-N2AsAAAAAOAHgBAI&bg=!UFOlUxfNAAZgliNcYJY7ACkAdvg8Wm_8TaVsChuWc8-Ee2dk__gtZqKzpvLUlGBPk0z_OLI0-5u6SAIAAAR4UgAAAAJoAQeZAxnxa9E1wFFtecuwoZ25aG8ipbqjQJr2zEPGHU6bpZB8kcwUom4LF45J0LiDWIrtZKcrcTq9b27KWGx5SoGMCqwb6TeoyhJAPI8gm3zJDulSOb1uxH6aPDFHTHiw9A8ohEDbdSb76QcJlJL-HmLC8G3bbVwaUuaXRKM7miSfM8y6oCwpWVFf6Po0ZMOEqFxEehAQN5XUBTO5q4xFeheO0pN2MzX8BB8zAvjW4Ezfudx0RSjqYjzGobOkE7Q8XHVWdIV72nUwKyirLjU768f8fGoM4PUu7xXAp2Dk117PR4Dg4vr5zQnwZU2JK2ht-zOADNMyXNNcpYrUV6pIIxA13yVOhxO-oaMRS9hENXpJDBjId_vBtdnaOwXVZXCQg3bYBCaOupTGnjh8zeHzB6S7sBuERZRiNwv4b3Ul6Zl1i3BtxQAgR-ZMQoNhBn9BvAq8aeyE6boBB5QoY__WVepRDzSACJdsom9dzaScoVjd7sxr7-y_YxNsX_SVfHD9nTtPwd8_ursu6Dx0QDLPLJZrg3oA6OT6HA-96OuNACa0f6U5yIpZWJ1CF8-mY1ZVBjUi6WbqduGJrxkqyedLlAL7I1mN6QQdrFeDWk-eyvhIvzmEw0aA427lZf_nIaAQIdC-Z_Cu3v4Aab2RnnPbyg-2tk2IQAqyVCq3LlZaOYkhfNZQ2kuXI-UGEPY-fSWrnp2HgJLREG3DVcrhTZ041l50V1Voa1J4hzivXhdlRHAxWrrQkmucCri7BRrxXnvTZH_x1uENvH2Q40pGbEBRtAt8P683AcHUk6v5o9UpkE3XYEW_mFu-Ra8PG5EV0SbcO1PUFLR6ZUsfZ7SV58j67VdZo9s7onRatJLbdAZQbFYxVK9l9DMyZLLehLPDbofCeXE8c19XRWBmewIJj6rrWslDLzMNeQHUImucIhCBVnjy9QhxL7v8QA0-LYnpgUo6bAADFaUTCaxkZVWqWkGDiE5r3hZkps23crJP_nFXhqbqPuhydiZsDWwgDKegIyqeXV86pmESNjFWkxie2ehATFXySOsRwwnqi2ecGgnP

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7F5E 7 KB
4 KB 21ms
21ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1d01deec9eacf15c44dd2aa1f5b5547ac0438ec1fc23ee12abe91e6cbc8088

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1km6rgykhkz0a6fy8tr7zj6na2h9fv7h58xb7krkazxtenpdewmx516vwabmv3e8hjm57f2dwbmebmwqfs98n8k3vj1fbe8nwdfged0stnw11sgpnbj6gtdvfda9vg2z89nj53f7vw2vxc3wqtmym5pmp36s2js1953yap94d3tax9s7rx2bg54j7ra9jw3ahnjzpk2k12gj1kte7hm2zpbjetxndxhf6n5qjqfpww908st6616zg35ay55mh8vhx27q6dcrqhzpg3w3454bv1ktch4ehzmdv6rgn7ffk89a145qbn1638h7kz3b5ap9e1wj7j63kcags97tjz6n7wypa3bb58svgzr2tdm9hyjrg706k52sed30b3peyvr57vcr70wznfwvq0p5bgx4b5pmjax62pq9d7x9x5g680sfjht8vdd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%26client%3Dca-pub-4328742155432872%26adurl%3D

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ecb89c429998fe6-FRA
content-encoding: br

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tinhte.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tinhte.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8DD 25 KB
11 KB 380ms
376ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa1cebcafab2a2b388422e9014d4dfaa7019de12ac4e08e0e9d3b9f984a28239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 06:47:34 GMT
server: cafe
content-length: 11070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 05DE 43 B
215 B 100ms
99ms Image
image/gif 34.237.61.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=4b00390f-7086-fac9-28a0-5e3b9da871d4&tv=%7Bc:70luXl,pingTime:-10,time:1331,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647413253710%7C%7Cad382cfaf2e72e8801722e807a3135a3%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ce7720d02dd78118fd0bdcf2b2320b0ec%7C%7Ccd6231d36923b7727946c30489a9244c%7C%7Ce32f3806af4df20fe60685373dabf081%7C%7C0d2ef6223b67a46c1c188f6dbb72a0e7%7C%7Ced3af2693200f7d8f0542b36922a8b6e%7C%7C1629390669,im:%7Bpci:%7Btdr:221%7D%7D%7D
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.61.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-61-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 7F5E 81 KB
11 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 680255
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 08 Mar 2022 09:49:58 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ecb89c459f38fe6-FRA
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 7F5E 53 KB
54 KB 45ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Wed, 16 Mar 2022 06:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122127
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycds6H08d37wmKvOpxgL121e5rQqw9rGeyT2XGfVKLLDmudDx0unbmlUPTEyWp0_Rl5pF5-6GHpIGP8EcBxrxabI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbQFOiJRjGEltGE7Pq7Xd%2F68I3TfgidA1glZI4l5Ysjdk%2BiluDdblYpbFImLHmRcTmFVFQni31nzhnWIU6cV7nHpvOchI03sMF%2F2i759i2YDPXYZn0wonghpSoPueB8lZgJ%2FvOIlfjm30TB7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Thu, 17 Mar 2022 06:47:33 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6ecb89c46f655c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 7F5E 23 KB
23 KB 22ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date: Wed, 16 Mar 2022 06:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121073
cf-polished: qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid: ADPycdu82z9Ksy0_PpiZdQIPZIMRc-w6OTMKXys2ZGX-PXUT0StT-vc15t3GioKnrfOVJAOilzHKNZ_Wp4Ev1nXUiR1AQyNOIw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuGoywBjcEuoFkVyAeze3S3DbnWF5lV%2BAspQSdwt1IoxX7V2cZdcdl5Qmpmy%2BU9fElBlANaY97smCy5Pa4sc4Kg1qVKTFkTWKQE6%2Blzn6jWvK%2FZ5KneG%2FuP3oW3HTWlaMJhZsjkSiWvy1R1L"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639072283176296
content-type: image/webp
expires: Thu, 17 Mar 2022 06:47:33 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 132437
accept-ranges: bytes
cf-ray: 6ecb89c46f645c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 7F5E
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDk...

49 B
2 KB

54ms
23ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 7F5E 9 KB
10 KB 38ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Wed, 16 Mar 2022 06:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116517
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdtAoDp9SEII5v85uTPCjNo7Cu3f4Wp_mDJjAIVX1OgvRsD6i46fZvUntCtJv6tB9Ism5NFV1yFUPPTBqnwNQ2gEkWL8jw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJZ6VIRRxzqlDeHPdmCaUYB%2BJMFHSI3oFolptS3QF7U8izI7RPpooKBhv3Y3dtiN5mLHXMo23YPzUU%2FGN%2BPAYr1k6OIxFFyleGjIV71wrDfRfDP8nksSrYSiI058mPMKJM40BhZfT3vl2Qiv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Thu, 17 Mar 2022 06:47:33 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6ecb89c46f675c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 7F5E 19 KB
19 KB 23ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Wed, 16 Mar 2022 06:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118588
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycdtjtCNlLHRDEK-gcZqgHCMPX3wxwKyFUE4dgv6uvxoNjZMlotuQ5KWyOzyFy0rF4v5nypnvXH5r3mbHNnV_5HTf2iQt_w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19022
last-modified: Wed, 10 Nov 2021 15:00:52 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrJdVuwvVg4S5aa9wSgyAPvOYcvu8UMLn5vzDGUU2F4XLisv9tbS3KnDiODTftjDKkz6XUoqBAgSDqqBxyISKrm8k5cZxkRJXKhbnUuKJW8dLjr%2F2SxYsjoRC43kMnuE%2FWwqji0XF%2B6XS9Mz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636556452656256
content-type: image/webp
expires: Thu, 17 Mar 2022 06:47:33 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6ecb89c46f685c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 7F5E
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022031607473365697728793X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8...

49 B
1 KB

60ms
25ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022031607473365697728793X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 06:47:33 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022031607473365697728793X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 7F5E 38 KB
38 KB 23ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Wed, 16 Mar 2022 06:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115984
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0Z2IKmti0NH-79hnFe-WuyU-EdEertsD7AA4pYLaEG2hHADBJJdlkw5onJM1BpjK0nrq7djfi3nKkH87CHfc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwgt5oek9nvzZxSY%2BwhUTMcNbX5mwuS%2BoJEL0nqfLCafQP%2F9i9Xiv8oIuqtwX1M%2B83TKFu6Bwj5DEphnUgBEMdt%2FeO%2FfsortlXb%2BjX%2BO3jR0ZsXFUGavY2RiIifiwUazJQfa8nWts7y5dkRe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Thu, 17 Mar 2022 06:47:33 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6ecb89c46f695c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 7F5E 84 KB
84 KB 36ms
35ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Wed, 16 Mar 2022 06:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 676154
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdurVX_TQllJqq9NCW6CCnJhtUBuEYviYLcJ9o5JewjDiNHuXcYN19gc7beLhxzBmbbdTuJnZ5pv0IrAlbaM2pWlyJLPnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC6v%2B6GUz1ApOrnSBogEYbMNAGCfB7EvsaL4tilN%2FnNaWUvcDX1xc3O%2BaMcD6qC8wAfoTI04ffljkt52SiOOe5WHKMEyIOrtYUe%2BmZy1TbyptPAvRtwuTE3cc8CnShJ0QUMT1xGU%2BniozSGT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Thu, 17 Mar 2022 06:47:33 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6ecb89c46f6a5c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB2E 0
22 B 64ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhOCtA4gxYvKOOYHv3gOHlaz4DgAAAAA4AeAEAg&bg=!p6SlpODNAAZgliNcYJY7ACkAdvg8WrnbJo08Ne0mw1rqk6brRBeojM50RteEZ2VVKUW5c64qvukxlwIAAAGKUgAAAANoAQeZAxq1mWl-GRnoLfoJZN8-kVafHNmH4laAF7kLht21LJWJ4VyP0-OpdB3uYFZs7kRLibXS5RB06PvEJfW1XiODmGZa97SiJe4UecnHfp1DLBhvvn76NNylnb79w_BUe3i0nhBxE9Tu_XivusMGJY19oFh_Pq45KTl9qEhkYioa_xKbiNUJYxF0eXN-A3W1E9h0ICFKkX0q-eR5GMLorH-x9zr4TFjXZELEREDDdzcu10wVkdLjlIRJBDmAAahZdK5mtmAwGX4VluK7rEeqW6zahO5h5HLQ2PfKxKIYEaw2jk2ZiQP7W4IwNrrTPx6ydZ3e5QFtYYgO_MAdlp9DhiJ2EEvri-PTNR9BPPv0n1DxgzQN-FuHC0AoNJG5qnkO-L6tlaCt_NvMqcCGPQ1cjS9cZCHQs1WARYRI6_neQf628taJon7qRHkCj0vCQofJFNQQRkqP9hdj4ZFxHgCokXqn6lbJt-Amfv41KGDdgXKQsHYCuo3FOMc7_AjdbTvmm57QZ4CbB5dYUJ_3YyC9_lEl9XcBT2x9S8wqElptwmb26SFswDU1LypW5HzcGiLG3UpIdZ_VFeVdbyU-6N9RgWxcHImOgltkwJXKx1Gn4joalx4YGfqMTvPow-H4MmX0ZZofbRsiiwboVSUZ5A52FuIASExNp3vIpBSSTeIoPFA_FuujUBedBUpYGkZQfFs23ICfd-IgWh6N2tc1yloI70TD6w4-aQJ6ZYqrgrajtgpvpsFRTYiJbuIRS-sAy9ZruCU46ZKULWGZwL39dWBjBXjRst3Iwp5MyBfydsX-qTgJTC6fIMpgITMIe7cXvjtEbeFrep2VFq6oM3G-TBrq8XYKGhM_dePaiO78gxjrLNEZOoOJYJYc93862UJRWgDHcB193TnLZPdBcEsj01WN-_3QRD3bbFJa6bl89rk8-eFSerrBh2rmKGyKnr0veJyme0V_3LgK_iG1MI2tXKo_ccGhvxPeGOb83rli1Bz7c5biadWlKJ9969DlshNv-RzASlW1XzdmrejptEEA8RZTb79PWOLxRRypU3RQqcwkpQ

Requested by

Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 7F5E 1 KB
2 KB 163ms
119ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hqa73p0nghh7tdpxd1aq64tab281hnb2xhn2v7gah0ts6514qtan299b9sqanzdmp1m4mkr4vmdrt5g7d0dac31sgajg5qmxymshtnnrcjtrsxxtg0ywfmyxkjqheya7dbgyr27he4mq21nhaxz0j4a3p14dn7bb79bt57psjs1ygz8kqyaw3g81k7bfa3d8zx7y9e7neh1a9qx5hnakyr2dnmd7jqn5xtf2e8nwn00pcqzp7g2h2vwdmjvxy2phrcc1x4y8m2x9h0aq2q140xcqahhj3960jscwvzgdh1x8y4ar55bb08%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: e7e275e05d4f6591161b937a81a4e8b16d253bc3745f66dc1e6833848efe08d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:33 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:33 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1442
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7F5E 51 KB
51 KB 8ms
8ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hqa73p0nghh7tdpxd1aq64tab281hnb2xhn2v7gah0ts6514qtan299b9sqanzdmp1m4mkr4vmdrt5g7d0dac31sgajg5qmxymshtnnrcjtrsxxtg0ywfmyxkjqheya7dbgyr27he4mq21nhaxz0j4a3p14dn7bb79bt57psjs1ygz8kqyaw3g81k7bfa3d8zx7y9e7neh1a9qx5hnakyr2dnmd7jqn5xtf2e8nwn00pcqzp7g2h2vwdmjvxy2phrcc1x4y8m2x9h0aq2q140xcqahhj3960jscwvzgdh1x8y4ar55bb08%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 6868
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 16 Mar 2022 04:53:06 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: OgaW9lFVNmX7V6xIaHUBSTDvSyx-bGOi8mjYYYHtsu-HFRK-LgOPDw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 7F5E 85 KB
85 KB 73ms
27ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidQb4f4fjfqPkt4C5HYtGtZgzs6S4TxFVoneid__asuidtmstWNaZhEEFieXGl-LrZlVPTKMNpDmnasuid__Stroeer_RONmobile_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nci&g=1fe6412b04a1dc712599cadd0e1a0767%2F13841441758141254669&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647413253606&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4v1gpmh9gsjsvqvrt9y71cr1t8cafmvxyefb1sfvp307sv3dcnn8r37fee9sp1swst6cdh8ksabk6cdw6wd1afk2hy9ks78zcnj9f31nt30dt7fc5wyv3a0t2e8xfk41jeq91h3gh8v4vpqg8z1herpwztk9kfg5saen1yc8ft5jatt34jpxsakhtzfyqebdbg2srv6rwss97t9ze23dk216998c6thfaa0m8gyab6gch4c4mvx7f8bxse8arv80m9p5dp9br3ptn4tr1g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXacxA4gxYuP1DpvsgAeopaL4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAcKu6N0DyAEJqQLPqCIQ6WWyPuACAKgDAaoEwwJP0LnDUMkBButJEIziMmtI9j0MaDv0ydqzGytlJftagq1nUv8uC8cmcTieyUwE9BIHLOR8EXThZ4zQPXfJM37uxW793_Z--eX1Yhg8Y3MelQIEoQG_AZS46u2PNXUVTkKUmrdSMRDbpsB9KgV94YrXKCcN9cRwD_xlmXz2TotbckSRdccUD33RUK3WaZQlGMct1xYDaU-FsQx6Uxt-CmAqmjIci7SNZM-GN2Ha4grJeaad15V42EmsTNanUzIQ3rmsIQfw7o08CG2qPjRqnSMEAXS3RQbQf9RRmdy5p2D3oKvzkrZvyc9upwUVjbk8atEkBhJe3hSxEGKB6dk9MTyE4cmGbLVjnoryTDL2cb-LAHYy6SVpsLDWPaguA_V2C4KolwUO7MbmKq9BBeWKA1IIq6xAuAxSXlOCjl1yV8lD3mg75OAEAYAGgoaOsvyw2Zb6AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3dbWuYYFUIAxeuhUr_3DwOC57jYg%252526client%25253Dca-pub-4328742155432872%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 06:47:34 GMT
Last-Modified: Wed, 16 Mar 2022 06:47:34 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame F8DD 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 05:57:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame F8DD 15 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:31:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F8DD 0
0 47ms
46ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPJCt7nSRf3u_jgqF9MwlC_ynCRqfyWAkxYExpy-KuqK020hN_qISHxTGcpM1cXNoMwB4kMaBdok6vJzZvsUpAQm4NRQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8DD 117 KB
36 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:34 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 103ms
30ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 89DB 16 B
232 B 84ms
83ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 89DB 16 B
232 B 87ms
85ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 92ms
29ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 051C 16 B
232 B 90ms
89ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 63ms
29ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F8DD 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ3uLBYgxYof4MczgtwenloP4CMme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEhAJP0ObqbxDh__Twjs2Epsn5mnjWNL_Q5QGLxY6IBivrTsDKlAOyP23S90bUShamSC3JM7_jzUul2E1tMPqFuxbhA2rBlre5yD6mYJhZILl4MHCyNCTYafYKNLK0eUQQpoe1u0CiuxdMQss9z0b01b3dDVwmFzSwZlH6uvlAU9f_QvLE3LG1X-eDf2JoE16DIcWKpzj0wIChPIGUuJGyVwQjou4CzOq4gXAjptYR2WSo9vqSexq9jYbVUP3dB3bi_-Y-yiiB3ArR4MtroRiA16s3GAiay7T6kFI6MECyL-DVVHZLOvAMeyWgN_lANwY9fSLcfy6SyVTkIf5B70LsvIx3Q9eORoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDMyODc0MjE1NTQzMjg3MhgA&sigh=sRVDMEMBy3s&uach_m=[UACH]&cid=CAQSOwCNIrLM0aLjzp7GAj8ZSajzDNQDG-KtUAmxIw5M8jdJOBcHdbtIts2kVSX-oYuH1kh_vkYWyMSEhvFTGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 06:47:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F8DD 0
0 17ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=V-b8EMz6RNAImAKdg2ICAgAAAMpVZAEmC476Pu4au96NXYsAyHL4EAWIMWIJkphxH8ajgTuXaQAS&wp=YjGIBQAMfAcK7fBMAADLJ7oaGKC8wQr979AXkQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 263524
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CC79 220 KB
58 KB 197ms
164ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGIBQAMfAcK7fBMAADLJ7oaGKC8wQr979AXkQ&u=%7C4lDBT3cx1%2Bcv%2FduExhR%2B2VH1k1RzeSHraY0xIY36mcQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4EqircJuk9zwvv9cN56hfNNLyJ4OIQvhsr4rJOtEtHm3eWXUgda5Mdu9P8oYG2TkEpEiZaGuwADaUwzSRcLuKAb9RM2VA0EIJHMkR2fVWl7LB_gJKqa8WklVQ3gYd2zT6osM0bX4spBRHYnzqhmpO_PFND3jiMfE6Q4b6NUe7QXyueBwAxNBK2NOjzi2rF4sms9vSduX7KS4rsJQbh2iAZq_7D6n-M4gmLn2y8Uh7wr1kJmYsecVA0syxxBKyOyzXXjrmzpSuYxNCuOC8azfjTumZGj4WGa5YHrTKYwTOF-nZ4GCagQ-zbbdrTwNUShkqUrkloZKkHrCEEgF6YPviVXQJWByk2qpqk-m39DEIr-XDUCccsX8rtLEoLKHhOlZ8j_bxMgI5-b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzKrGBYgxYof4MczgtwenloP4CMme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEhwJP0ObqbxDh__Twjs2Epsn5mnjWNL_Q5QGLxY6IBivrTsDKlAOyP23S90bUShamSC3JM7_jzUul2E1tMPqFuxbhA2rBlre5yD6mYJhZILl4MHCyNCTYafYKNLK0eUQQpoe1u0CiuxdMQss9z0b01b3dDVwmFzSwZlH6uvlAU9f_QvLE3LG1X-eDf2JoE16DIcWKpzj0wIChPIGUuJGyVwQjou4CzOq4gXAjptYR2WSo9vqSexq9jYbVUP3dB3bi_-Y-yiiB3ArR4MtroRiA16s3GAiay7T6kFI6MECyL-CXVlfZvX-QaJo8I1qQCqDFdDbWySS80dZQ6cPnHf3ykJTy6VOd-RkiyIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JRbDbzDSg0wbRTPhFADXZiUhpmg%26client%3Dca-pub-4328742155432872%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

914798ab5d2f06c9e09341a9769df1848c7618587e3aa657e3a2ccc4620c0dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6QDKiCpizIIcvB-IDXwYQM80E_LjHrd0LhShGBttbjrRWwXsUw-Xf2zcWN_Mh0_7nVC4w7P3fiOMtxCxRHMeMXErD0xhvTT0XmulaQYfTN-njcnGoisanpmzxWYuGWznDxcDjuIQ0XVBvVN9EmJdzyztrWSZ2cubF-xX3Qe_aHQ0Y3UyejIOIOtyQTAyAubV5DOrNmL8eAs8lZCss68XiX7yRrL88VM5M5XVDA7vsjSMvYG9144T6XK2QtqI-yYN09RERA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 149381439
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C0E4 1 KB
752 B 39ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 15 Mar 2022 13:26:12 GMT
expires: Wed, 16 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 62482
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 051C 16 B
232 B 79ms
78ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 34ms
29ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 05DE 43 B
215 B 116ms
116ms Image
image/gif 34.237.61.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=4b00390f-7086-fac9-28a0-5e3b9da871d4&tv=%7Bc:70lvfG,pingTime:1,time:2468,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:764%7D,%7Bpiv:64,vs:pp,r:,t:1403%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1403,n:0,pp:1066,pm:0%7D,slEvents:%5B%7Bsl:o,t:764,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B666~0%5D,as:%5B666~300.600%5D%7D%7D,%7Bsl:pp,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.1204,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1066~50%5D,as:%5B1066~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:113,fm:t0dY7o0+11%7C12%7C13%7C141%7C15%7C16%7C171%7C1721%7C173%7C181%7C1821%7C183%7C184%7C185%7C186%7C187%7C191%7C1921%7C193%7C194%7C195%7C196%7C197%7C1a*.949432-60827839%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b2%7C1c1%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: tinhte.vn
URL: https://tinhte.vn/thread/microsoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.61.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-61-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:34 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7F5E 16 B
232 B 87ms
85ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 28ms
28ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
DATA 200
OK truncated
/ Frame F8DD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86455544b1d046c7723c7b0c19fddf959e2e1903fba3908c11e5d97758030bc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 466606.gif
id.rlcdn.com/ Frame C0E4 42 B
308 B 25ms
23ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJWwjehezTLpkYjQv-wAyAfD2sfVNtIQpNDOLoO5ILFf-Y2AH6uZI1QXAk8_5T7HIg5srICCcQsKjDni-npa81JYRV5Tdnp&google_gid=CAESEOP-Mfm8mFbX6dJNXhfGgrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:34 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C0E4 43 B
106 B 22ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGqGw3klM8sy_Nmlf08QYjU&google_push=AYg5qPJm3BEk_0pGIgwsSgMf9PsrCczv6m7mja1cKA8gDKQXiT7TBKj1MkQzQsjjQ7rvkVgc2ypNgrIfAdgOtI2MRGnuWyWsYXeu&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:34 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame C0E4 43 B
64 B 23ms
22ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF14d40uxADgBJTWbbOPBSs&google_cver=1&google_push=AYg5qPLr753Pb4AqWMNXCRndMKKikqThEhUF96zc4hU8385BU3YYmjsipL2iE-z2KQlfpUEgAITO_Y75vBqwCV2Ci0xPFYP8uUyc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4328742155432872&output=html&h=280&slotname=1959476942&adk=861964628&adf=694063878&pi=t.ma~as.1959476942&w=1104&fwrn=4&fwrnh=100&lmt=1647413253&rafmt=1&psa=1&format=1104x280&url=https%3A%2F%2Ftinhte.vn%2Fthread%2Fmicrosoft-lai-quang-cao-trong-file-explorer-anh-em-co-kho-chiu.3489180%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647413253677&bpp=3&bdt=6750&idt=3&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D505bfcd1677e4221%3AT%3D1647413248%3AS%3DALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw&prev_fmts=0x0%2C310x1066&nras=1&correlator=7002574165498&frm=20&pv=1&ga_vid=1323063238.1647413248&ga_sid=1647413248&ga_hid=371717794&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=248&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065531&oid=2&psts=AGkb-H8b_0ewmnN_hnqKt8mKtC7CHFoJvgcoSMtI9KUawtsCR86sKH-CPSIkMHaQ3fdQANavT_D6tORHsCIALw&pvsid=365009433287654&pem=129&tmod=1540678822&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=rRgBu5cOOf&p=https%3A//tinhte.vn&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0lm2q7rnhlh5q3dg6vmbjf53st6kstrf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C0E4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKU_96eIhx1GtigGNyE3JHvZmZSA1IaO3qsguWqfuSxI6aFye_9GuacspulkH79K7GpvbaOvLaOVvG-ZoVwutuVE0mMbdY

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZt7VdWIRXavqyo_83MFTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKU_96eIhx1GtigGNyE3JHvZmZSA1IaO3qsguWqfuSxI6aFye_9GuacspulkH79K7GpvbaOvLaOVvG-ZoVwutuVE0mMbdY
date: Wed, 16 Mar 2022 06:47:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C0E4 0
12 B 47ms
46ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpHbHwNUbwDFsFx9J1xPRsem4myD_oLg6XEI9NdSXWhxTHpU3r

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CC79 2 KB
1 KB 50ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGIBQAMfAcK7fBMAADLJ7oaGKC8wQr979AXkQ&u=%7C4lDBT3cx1%2Bcv%2FduExhR%2B2VH1k1RzeSHraY0xIY36mcQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4EqircJuk9zwvv9cN56hfNNLyJ4OIQvhsr4rJOtEtHm3eWXUgda5Mdu9P8oYG2TkEpEiZaGuwADaUwzSRcLuKAb9RM2VA0EIJHMkR2fVWl7LB_gJKqa8WklVQ3gYd2zT6osM0bX4spBRHYnzqhmpO_PFND3jiMfE6Q4b6NUe7QXyueBwAxNBK2NOjzi2rF4sms9vSduX7KS4rsJQbh2iAZq_7D6n-M4gmLn2y8Uh7wr1kJmYsecVA0syxxBKyOyzXXjrmzpSuYxNCuOC8azfjTumZGj4WGa5YHrTKYwTOF-nZ4GCagQ-zbbdrTwNUShkqUrkloZKkHrCEEgF6YPviVXQJWByk2qpqk-m39DEIr-XDUCccsX8rtLEoLKHhOlZ8j_bxMgI5-b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzKrGBYgxYof4MczgtwenloP4CMme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEhwJP0ObqbxDh__Twjs2Epsn5mnjWNL_Q5QGLxY6IBivrTsDKlAOyP23S90bUShamSC3JM7_jzUul2E1tMPqFuxbhA2rBlre5yD6mYJhZILl4MHCyNCTYafYKNLK0eUQQpoe1u0CiuxdMQss9z0b01b3dDVwmFzSwZlH6uvlAU9f_QvLE3LG1X-eDf2JoE16DIcWKpzj0wIChPIGUuJGyVwQjou4CzOq4gXAjptYR2WSo9vqSexq9jYbVUP3dB3bi_-Y-yiiB3ArR4MtroRiA16s3GAiay7T6kFI6MECyL-CXVlfZvX-QaJo8I1qQCqDFdDbWySS80dZQ6cPnHf3ykJTy6VOd-RkiyIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JRbDbzDSg0wbRTPhFADXZiUhpmg%26client%3Dca-pub-4328742155432872%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CC79 2 KB
1 KB 50ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CC79 308 B
636 B 52ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame CC79 507 B
835 B 47ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame CC79 0
460 B 173ms
104ms Image
text/plain 2600:9000:224a:4800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647413254
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGIBQAMfAcK7fBMAADLJ7oaGKC8wQr979AXkQ&u=%7C4lDBT3cx1%2Bcv%2FduExhR%2B2VH1k1RzeSHraY0xIY36mcQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4EqircJuk9zwvv9cN56hfNNLyJ4OIQvhsr4rJOtEtHm3eWXUgda5Mdu9P8oYG2TkEpEiZaGuwADaUwzSRcLuKAb9RM2VA0EIJHMkR2fVWl7LB_gJKqa8WklVQ3gYd2zT6osM0bX4spBRHYnzqhmpO_PFND3jiMfE6Q4b6NUe7QXyueBwAxNBK2NOjzi2rF4sms9vSduX7KS4rsJQbh2iAZq_7D6n-M4gmLn2y8Uh7wr1kJmYsecVA0syxxBKyOyzXXjrmzpSuYxNCuOC8azfjTumZGj4WGa5YHrTKYwTOF-nZ4GCagQ-zbbdrTwNUShkqUrkloZKkHrCEEgF6YPviVXQJWByk2qpqk-m39DEIr-XDUCccsX8rtLEoLKHhOlZ8j_bxMgI5-b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzKrGBYgxYof4MczgtwenloP4CMme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMjg3NDIxNTU0MzI4NzKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEhwJP0ObqbxDh__Twjs2Epsn5mnjWNL_Q5QGLxY6IBivrTsDKlAOyP23S90bUShamSC3JM7_jzUul2E1tMPqFuxbhA2rBlre5yD6mYJhZILl4MHCyNCTYafYKNLK0eUQQpoe1u0CiuxdMQss9z0b01b3dDVwmFzSwZlH6uvlAU9f_QvLE3LG1X-eDf2JoE16DIcWKpzj0wIChPIGUuJGyVwQjou4CzOq4gXAjptYR2WSo9vqSexq9jYbVUP3dB3bi_-Y-yiiB3ArR4MtroRiA16s3GAiay7T6kFI6MECyL-CXVlfZvX-QaJo8I1qQCqDFdDbWySS80dZQ6cPnHf3ykJTy6VOd-RkiyIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JRbDbzDSg0wbRTPhFADXZiUhpmg%26client%3Dca-pub-4328742155432872%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:35 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: AumMhr-mEMgkoYM0s6Xi_6RE5KFo4ggHRd08Q8KOGo67_hXkoOusSw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame CC79 43 B
347 B 20ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=WcleP6Igar3PdS5R9BM-mVDRxQXmSrfDGZd9E3oxvNckkeCPinJLU2kQzWTkv9tLM-I57cNS24NLOgDN2RS9WdwUkgkvdPnsjzRTnWA2oAK0jZbgsgM6dA_R0Ce5ZfJTDIEQ-Q4FNUbmMPSHBK7ZfVainI3mpzOxn-ULnEg_HE0un5FwWcoJshziegO7lMi3iiios2d8gv37NmLeHsEG-CbTFrttNroDHhSplTomWllSvlQUVI126M6b_RQWXmJP5KF7qWsCGzHFk4GsPX1E7fP2hUsx1u4FwdWSQQThAAGkJ6Q6NhR8uH8YzJgvepUdsK6oOOi2He6pz6oPeNPGDJCP2gU7R7MnVg27mKIEVsccS_KrHiijR_VUsV7BCNo9WMObkL-zCkRD4_emXIdE9BXL3ccDoIlZ36TW3vjgqVdhbm8sUVkfOwymZSdgW6gQ8FWs9w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:34 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2988473
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CC79 12 KB
6 KB 22ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 7 KB
7 KB 16ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29484465
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Mon, 20 Feb 2023 12:55:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 2 KB
2 KB 34ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoXella-Gruppe-220543DE-2010201418.gif%3Feb%3D1&v=3&w=800&s=D2oEcpXpGvUs-UMKBJ4ko8cA&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

96a531f5434b8ddd141b92cabf3d69d37374bd0b9ba0305547e3e014fb5b9dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1315103
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1858
expires: Thu, 31 Mar 2022 12:05:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 2 KB
2 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSOPREMA-GmbH-181311DE.gif%3Feb%3D1&v=3&w=800&s=qXBlwoMuhG9qQPSouQndVRwL&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fe8c6388e6b63c783351a1368f1aace1503be068747af86e818209f2aeecc96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2340941
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1666
expires: Tue, 12 Apr 2022 09:03:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 5 KB
5 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoDr-Heimeier-Partner-3816DE-2103101358.gif%3Feb%3D1&v=3&w=800&s=KYd4J4aTLVx7KTiw7jS73HDA&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5d760aad03bc4ac8a4fd9068883549af9c1dc154081f62b98f0e493748ba91f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=383286
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4816
expires: Sun, 20 Mar 2022 17:15:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 1 KB
2 KB 21ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSano-Moderne-Tierernaehrung-GmbH-63060DE.gif%3Feb%3D1&v=3&w=800&s=Qgt35HQ53m4frtfnpiEIEwlj&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

68e703bcfbbf22e30015001718e92ff5940cc79bb31316750ff76e7d5cf61ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1496
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 2 KB
3 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr._Oetker_Tiefk%25C3%25BChlprodukte_KG_Wittlich_69120DE.gif%3Feb%3D1&v=3&w=800&s=hcYRWVpjrOyQXMh_rsE6h1iS&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2324
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 2 KB
2 KB 31ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=800&s=3Z7pKamwHk51W_XnQuTU03dr&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=14803
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Wed, 16 Mar 2022 10:54:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 2 KB
3 KB 20ms
18ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoRheinmetall-Group-1262DE-2101221907.gif%3Feb%3D1&v=3&w=800&s=p8qnXBvGKrDeqAMuxaFVZDnR&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=174
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Wed, 16 Mar 2022 06:50:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 6 KB
6 KB 28ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=800&s=IZgjtpj6D-NSl4ZAr4vUBwIZ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1137104
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6352
expires: Tue, 29 Mar 2022 10:39:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 1 KB
1 KB 29ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=800&s=kazlmmYaf1I4CAPjpV7VMXGz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13315
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Wed, 16 Mar 2022 10:29:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 350 B
613 B 30ms
28ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2Flogo4flow-2033DE-2011100949.gif%3Feb%3D1&v=3&w=800&s=-A_yiLO09e5VyKDw6Qw3gUPn&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a09892391e0c0a4a3143fa9d358036eebb7949af6641bce45f51ac833b609149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1744027
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 350
expires: Tue, 05 Apr 2022 11:14:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 3 KB
3 KB 31ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoInterSearch-Executive-Consultants-GmbH-Co-KG-114497DE-2002271656.gif%3Feb%3D1&v=3&w=800&s=dQLn2gpMQyfkv7fxtXKxfoaj&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

33ed292020df6ab75f33a2ac4835482b40029f36dccea2b025f5d40838715538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=209
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3240
expires: Wed, 16 Mar 2022 06:51:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CC79 0
127 B 49ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=6QDKiCpizIIcvB-IDXwYQM80E_LjHrd0LhShGBttbjrRWwXsUw-Xf2zcWN_Mh0_7nVC4w7P3fiOMtxCxRHMeMXErD0xhvTT0XmulaQYfTN-njcnGoisanpmzxWYuGWznDxcDjuIQ0XVBvVN9EmJdzyztrWSZ2cubF-xX3Qe_aHQ0Y3UyejIOIOtyQTAyAubV5DOrNmL8eAs8lZCss68XiX7yRrL88VM5M5XVDA7vsjSMvYG9144T6XK2QtqI-yYN09RERA&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 06:47:35 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC79 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CC79 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:35 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:47:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F8DD 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSkI1sVNx-GY-NmX_O_ll0FVvSpePmt06RZuCrlFFE-MaK6mhrs0-m21oWv5AHgctLXBoRLKEv4OC1M3bpoOv90g&sig=Cg0ArKJSzEVgX0iO4poYEAE&cid=CAASF-RoAUJJCTKS6ab4_6-AUz7NSFa9nhRq&id=lidar2&mcvt=1000&p=0,0,280,1104&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=861964628&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647413253690&rpt=1221&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CC79 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 06:47:35 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 55ms
54ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220314&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712cc0dce8f2ff4f28dee6a611ae13a6845966bcac7926bf9c5f67a0eef44421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 06:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 06:47:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBBA 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 05:39:55 GMT
expires: Thu, 16 Mar 2023 05:39:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 02D0 783 B
536 B 48ms
48ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be26b356d902d2e2183d921f5869cb107d1b02907edb78e3620e13e5775e71a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SqXU5MWvSJVLl6lQnwgXAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Mar 2022 06:47:36 GMT
date: Wed, 16 Mar 2022 06:47:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SqXU5MWvSJVLl6lQnwgXAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js Show response
pagead2.googlesyndication.com/bg/ Frame CBBA 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TjpYlOcWKM7YNRcoDyE6vgMo6zJPBqbQyyiG91AfIxw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3a5894e71628ced83517280f213abe0328eb324f06a6d0cb2886f7501f231c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 20:53:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 02D0 0
0 91ms
91ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220314&jk=365009433287654&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBBA 0
9 B 14ms
14ms Image
text/plain 2a00:1450:400e:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5AFe0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 64ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220314&jk=365009433287654&bg=!ISKlImbNAAZgliNcYJY7ACkAdvg8WrvjUDY5TZyfKYEHIfqkvUfkF-NTJHeOP2FzJ-R--RkdlU0GHAIAAACNUgAAAANoAQcKAAtsj5JEyEExJ3lE0JkC2vDShAKVfCyHkPUWHmk2lY-7F9QnGswD14aESxW66eBNHyzZMMHXE2kIRcI3lsqfCJ4v0jU4IlMABxLO90ej9i_8_dYlXnb26fYWsy1AmiH5TVz_hHXL717uxFNkVnaNgY6IgFyH3vzcipgymjc2LMowliLMPxNyqBU1fTrN-ZxA5Wcf5RmE56ZwaXGkKFs7eOxkxo8GDiGNessdmgyTI8WabGu_D7QO-AHc3iPIMM78FWLZTJuqnuAxrzSzCveJcuQIvGDDWzr3aiDPgmf-8JnT-urJXaOLr2F9Czh_6iNu-Yyo8WW5dj2OBeY_gU1Jg100TwGz5dIGsxo14x3DbEIkLrLBM2TGi-mu6JASFiYMXga7ncKAJ9-PNaYsnWECNiLMcnzsAY_TCIqa2myvPzsnt9e6uPuwoDQX8_cRp-jUZ2cqfsyIJvpv73RAl1J_wCLJjHHi1Tc6sgUoras-44_BL7jyEZ2LVjvRadPzjzs-zk5Oq_5gy33W95aLQtYvJ5O-2cu8PJWbTos7n4pKS1_WEo3fojzmwpaOelGYBCD9eisjRGd4uTVQWe5SvoWAKt7fJ-8qzEGsN99Ebi1nJm7y5b8IT4d50LKgCJTekyDcCvVRDsi-kN3f1bmGoRfOhZE2kqyx7UOoULh72zskGATClDideET8A_H4OgobPfNmGvgSN6BWXLv-nkgIfRP9SyJDQ-n0fdBXcGbn5lqeqOXty75AaAq3St4oSEo9Jg3m4hXfJMnvZPDP6BKtZ64iUl5Q5SpHq0s0HX-unIBbo4RFcp7j6pm445fb194i94rKR1ZAlnjLPRqi_LmGIZgNaD3WuuujL0ltJfXnFEb45jHOsdPVjOcgNR4SuN8A0nPqE3L49nFXMZV3WFpK5a_HrbRSUnu4yKl1wLL1_6uQLjky45wIztvIFMMYKRzeKh1_48Z-wUnaWuReLzYwvUdS09cztSogIX387Zo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tinhte.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC79 2 KB
2 KB 15ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

96a531f5434b8ddd141b92cabf3d69d37374bd0b9ba0305547e3e014fb5b9dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1315100
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1858
expires: Thu, 31 Mar 2022 12:05:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 05DE 43 B
215 B 100ms
100ms Image
image/gif 34.237.61.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=4b00390f-7086-fac9-28a0-5e3b9da871d4&tv=%7Bc:70lwha,pingTime:5,time:6404,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:764%7D,%7Bpiv:64,vs:pp,r:,t:1403%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1403,n:0,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:o,t:764,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B666~0%5D,as:%5B666~300.600%5D%7D%7D,%7Bsl:pp,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.1204,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:t0dY7o0+11%7C12%7C13%7C141%7C15%7C16%7C171%7C1721%7C173%7C181%7C1821%7C183%7C184%7C185%7C186%7C187%7C191%7C1921%7C193%7C194%7C195%7C196%7C197%7C1a*.949432-60827839%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b2%7C1c1%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.61.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-61-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 06:47:38 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1

Verdicts & Comments Add Verdict or Comment

462 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinhte.vn/	1970-01-20 03:46:29	Name: _fbp Value: fb.1.1647413247863.315350077
.tinhte.vn/	1970-01-20 01:38:19	Name: _gid Value: GA1.2.165681531.1647413248
.tinhte.vn/	1970-01-20 01:36:53	Name: _gat Value: 1
.tinhte.vn/	1970-01-20 19:08:05	Name: _ga_L2J9ZH0B0E Value: GS1.1.1647413247.1.0.1647413247.0
.tinhte.vn/	1970-01-20 19:08:05	Name: _ga Value: GA1.1.1323063238.1647413248
.amcdn.vn/	1970-01-21 21:24:53	Name: __uid Value: 36474132480
.amcdn.vn/	1970-01-21 21:24:53	Name: __create Value: 1647413248
.tinhte.vn/	1970-01-22 03:36:53	Name: _uidcms Value: 1647413249084434761
.logging.admicro.vn/	1970-01-21 21:24:53	Name: __create Value: 1647413249
.logging.admicro.vn/	1970-01-20 01:38:19	Name: uinfo Value: -1
.logging.admicro.vn/	1970-01-20 01:38:19	Name: __tb Value: 0
.logging.admicro.vn/	1970-01-21 21:24:53	Name: __uid Value: 2574132493117783970
.logging.admicro.vn/	1970-01-20 01:36:53	Name: __OS Value: 10_Windows+10_+_+_14_99.0.4844.51__0
.doubleclick.net/	1970-01-20 10:58:29	Name: IDE Value: AHWqTUmiglVWatFbrkRhExbxbC1wKCuXkozSwiBoFYwwYqfv0m0EOBsrwyb-Rgc0hDA
.logging.admicro.vn/	1970-01-20 01:36:55	Name: linfo Value: 115_1647413250
.logging.admicro.vn/	1970-01-20 01:36:55	Name: __C Value: 115_1647413250
.quantserve.com/	1970-01-20 03:46:29	Name: d Value: EGsBCQHWJYEA
.quantserve.com/	1970-01-20 11:07:07	Name: mc Value: 62318803-183c2-18697-02bc5
.agkn.com/	1970-01-20 10:22:29	Name: ab Value: 0001%3AmpKT%2F5qEIRPpmDPg9egE%2F%2Fytd9ZEjcQd
.agkn.com/	1970-01-20 10:22:29	Name: u Value: C\|0CEApxESDKcREgwAAAAAAAQ13AQCAAQpAAAAAAA
.rlcdn.com/	1970-01-20 03:03:17	Name: pxrc Value: CIOQxpEGEgUI6AcQABIGCOndKhAA
tinhte.vn/	1970-01-27 08:48:53	Name: __RC Value: 115
tinhte.vn/	1970-01-27 08:48:53	Name: __R Value: 0
.e.dlx.addthis.com/	1970-01-20 11:07:07	Name: na_tc Value: Y
.pubmatic.com/	1970-01-20 01:38:19	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 03:46:29	Name: KADUSERCOOKIE Value: B59B7B55-D588-4576-AFAB-2A3FF373054F
.innovid.com/	1970-01-20 03:46:29	Name: uuid Value: 5d287f61-f038-4469-af3e-f78b4a27622f-20220316 02:47:31
.addthis.com/	1970-01-20 11:07:07	Name: na_id Value: 2022031606473100013327662663
.addthis.com/	1970-01-20 11:07:07	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:07:07	Name: uid Value: 6231880363224fa2
.addthis.com/	1970-01-20 11:07:07	Name: ouid Value: 62318803000110d8afc7c8dec4125ab2263f617c832073189ab3
.dlx.addthis.com/	1970-01-20 02:20:05	Name: na_sr Value: 20220316
.dlx.addthis.com/	1970-01-20 01:36:53	Name: na_srp Value: 3614
.tinhte.vn/	1970-01-20 10:58:29	Name: __gads Value: ID=505bfcd1677e4221:T=1647413248:S=ALNI_MaCNzVJX2BkxC3L7xdKC5ux7aWduw
tinhte.vn/	1970-01-20 01:38:53	Name: __uidac Value: 167fb43a198e7820074acf8acdfbd6be
tinhte.vn/	1970-01-20 01:38:19	Name: wurfljs_cache Value: %7B%22advertised_browser%22%3A%22Mobile%20Safari%22%2C%22advertised_browser_version%22%3A%2215.2%22%2C%22advertised_device_os%22%3A%22iOS%22%2C%22advertised_device_os_version%22%3A%2215.2.1%22%2C%22brand_name%22%3A%22Apple%22%2C%22complete_device_name%22%3A%22Unknow%22%2C%22device_os%22%3A%22iOS%22%2C%22form_factor%22%3A%22Smartphone%22%2C%22is_app_webview%22%3Afalse%2C%22is_full_desktop%22%3Afalse%2C%22is_mobile%22%3Atrue%2C%22is_robot%22%3Afalse%2C%22is_smartphone%22%3Atrue%2C%22is_smarttv%22%3Afalse%2C%22is_tablet%22%3Afalse%2C%22manufacturer_name%22%3A%22%22%2C%22marketing_name%22%3A%22%22%2C%22max_image_height%22%3A568%2C%22max_image_width%22%3A320%2C%22model_name%22%3A%22iPhone%22%2C%22physical_screen_height%22%3A89%2C%22physical_screen_width%22%3A50%2C%22pointing_method%22%3A%22touchscreen%22%2C%22release_date%22%3A%222017_june%22%2C%22release_msrp%22%3A1150%2C%22resolution_height%22%3A1136%2C%22resolution_width%22%3A640%2C%22webp_lossless_support%22%3Atrue%2C%22webp_lossy_support%22%3Atrue%2C%22version%22%3A%22f8bb8b8%22%7D
.adnxs.com/	1970-01-20 03:46:29	Name: uuid2 Value: 6209125656314679946
.casalemedia.com/	1970-01-20 10:22:29	Name: CMID Value: YjGIAwatHlVODEZs3tnuaQAA
.casalemedia.com/	1970-01-20 03:46:29	Name: CMPS Value: 3267
.coccoc.com/	1970-02-17 11:35:30	Name: vid Value: Q9uSQTTSToySyCC6
.adnxs.com/	1970-01-20 03:46:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb=XT%!C!1yIE`fS1ueD1W-044)d+]Ufb@HoeIqNcxsEqR8?Eq:z^ovr@Q2cU[AkP1Z*P(hw9P-HC_#u##X)Ti`O
.casalemedia.com/	1970-01-20 03:46:29	Name: CMPRO Value: 1202
.advertising.com/	1970-01-20 10:23:55	Name: APID Value: UPf45d8e56-a4f4-11ec-93af-021f01e9bc5a
.spotxchange.com/	1970-01-20 10:22:33	Name: audience Value: f45f667c-a4f4-11ec-8161-10ffbde80306
.logging.admicro.vn/	1970-01-20 01:36:55	Name: __NM Value: -1
.casalemedia.com/	1970-01-20 10:22:29	Name: CMRUM3 Value: 2d623188042760CAESEFuVeeZBC-8aXGcsRE8J-Dg
.yahoo.com/	1970-01-20 10:22:50	Name: A3 Value: d=AQABBASIMWICEFu4qACyLoRYCJTV6TVhDtUFEgEBAQHZMmI7YgAAAAAA_eMAAA&S=AQAAAsHpCqikTnE2MLbHlR4nESU
.redintelligence.net/	1970-01-20 03:46:29	Name: 8lcfmzhxc8d6_uid Value: 09243132d6fbd0ce
.logging.admicro.vn/	1970-01-21 21:24:53	Name: uuid2 Value: 1647413252090616896-60001014-b76aa6f5-9a86-469a-ba0c-7ebb2119c975
.analytics.yahoo.com/	1970-01-20 10:22:29	Name: IDSYNC Value: "18yl~23s6:1762~23s6"
tinhte.vn/	1970-01-20 10:22:29	Name: __M Value: 10_Windows+10_+_+_14_99.0.4844.51__0
tinhte.vn/	1970-01-20 02:20:05	Name: __NM Value: -1
tinhte.vn/	1970-01-20 01:38:19	Name: __uid Value: 2574132493117783970
tinhte.vn/	1970-01-20 01:36:53	Name: __IP Value: 3117783970
tinhte.vn/	1970-01-20 01:38:19	Name: __create Value: 1647413249
tinhte.vn/	1970-01-20 01:51:17	Name: __uif Value: __ui%3A-1%7C__uid%3A2574132493117783970%7C__create%3A1647413249
tinhte.vn/	1970-01-27 08:48:53	Name: __tb Value: 0
.lg.nanda.vn/	1970-01-21 21:24:53	Name: __uid Value: 2774132525584370287
.lg.nanda.vn/	1970-01-21 21:24:53	Name: __create Value: 1647413252
.adsrvr.org/	1970-01-20 10:22:29	Name: TDID Value: 674df52f-73e4-45b2-9905-bfb64b7ee98d
.adsrvr.org/	1970-01-20 10:22:29	Name: TDCPM Value: CAEYBSABKAIyCwjIwLDE8sjDOhAFOAE.
pb.media01.eu/	1970-01-20 19:09:31	Name: DTU Value: 22D8083A42C7C92B7032B89CC787D8D6
.casalemedia.com/	1970-01-20 01:38:19	Name: CMST Value: YjGIA2IxiAUA
.dlx.addthis.com/	1970-01-20 02:20:05	Name: na_rn Value: 1
.dlx.addthis.com/	1970-01-20 02:20:05	Name: na_sc_e Value: 1
.office-partner.de/	1970-01-21 01:36:53	Name: source Value: {"webgains_webgains":{"timestamp":1647413253602,"clickCookie":false}}
tinhte.vn/	1970-01-20 02:20:05	Name: fg_version Value: 3
tinhte.vn/	1970-01-20 02:20:05	Name: fg_uuid Value: 8294256532a9432be8ce5cd77e5a2328
tinhte.vn/	1970-01-20 02:20:05	Name: fg_lastModify Value: 1647413253914
tinhte.vn/	1969-12-31 23:59:59	Name: fg_guid Value: 2574132493117783970
.o2online.de/	1970-01-20 01:46:58	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NzQxMzI1M3ZsZWExZGUyMDIyMDMxNjA3NDczMzY1Njk3NzI4Nzk1WDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZDNSajR6RGttOGE0djI0NHNYRnBRSXA4dk9ZN1M1TmNpYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.o2online.de/	1970-01-20 01:46:58	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 01:46:58	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022031607473365697728795X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NzQxMzI1M3ZsZWExZGUyMDIyMDMxNjA3NDczMzY1Njk3NzI4Nzk1WDEyMDIxMVYxMjI2MTMyNzAyT
.blau.de/	1970-01-20 01:46:58	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NzQxMzI1M3ZsZWExZGUyMDIyMDMxNjA3NDczMzY1Njk3NzI4NzkzWDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZDlNMVNNZktNdHhFcFNLSEJIMnQ3dHJycXN3VG1UeFZjZG9uZWlkX19hc3VpZDNSajR6RGttOGE0djI0NHNYRnBRSXA4dk9ZN1M1TmNpYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExMzc1Mg
.blau.de/	1970-01-20 01:46:58	Name: nscQ486 Value: V
.blau.de/	1970-01-20 01:46:58	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022031607473365697728793X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuid3Rj4zDkm8a4v244sXFpQIp8vOY7S5Nciasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
.rlcdn.com/	1970-01-20 10:22:29	Name: rlas3 Value: vxHsFuLxOGGVK3qvqqJu6pKsgKrBB8WgnZsopVjpAvw=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media1.admicro.vn/cms/arf-NTU3OjE1NjE1.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL3Y1GUair75StFaVHozacN47mcQJjGFMxI17p6fGb7G9FS3Iqsl5vDYMsBP99imRgf6ewOc5Ig8IhWt9R7euxKU1ypjaD_ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPJgXDO-hrLYcWjtkqmUx_fWv1okXYdGGadC-BjqDwR8zDgbdCZVN3lYEIRJjUaoF67QrYyKIKIIGQ6J6j94GIjlGZ8ppu0J&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_cver=1&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_push=AYg5qPL_mWpBicIxKp7YzKEtiiBRFBgLNJxhRP4xSuczVoWItvXVN9n_AMEFnliLUeIwciAb9tkRm-e8E8hneNLzgl7TMmo49pvJ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjGIAwatHlVODEZs3tnuaQAABLIAAAIB&google_push=AYg5qPIgX5qRKvMi2kA9CYExZNyrkQ7uKYSPIFkKvAgrj21Dld3AEcjEPqmHyYsPWlvsyjhV62MtFKQ-RHxmsQh8DX1MPa_9nbM&google_gid=CAESELUhSeTDvH9zS4LdZl90UpE&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
6485b91e87f04b8ea4a7fe7a8f10c081.safeframe.googlesyndication.com
ad-server.eu
ad4m.at
adi.admicro.vn
adminplayer.sohatv.vn
ads.eu.criteo.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ag.innovid.com
ajax.googleapis.com
amcdn.vn
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cat.fr.eu.criteo.com
cdn2.cache.vn
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
display.qc.coccoc.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fgp.philacct.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900025.redintelligence.net
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imgproxy.k7.tinhte.vn
js.rfp.fout.jp
lg.nanda.vn
lg1.logging.admicro.vn
match.adsrvr.org
media1.admicro.vn
medialead.de
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
photo2.tinhte.vn
pix.eu.criteo.net
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
pv.medialead.de
qc-static.coccoc.com
qccoccocmedia.vn
rtb.fr.eu.criteo.com
rtb.openx.net
s0.2mdn.net
secure-gg.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
ssp.qc.coccoc.com
sspapi.admicro.vn
static-de.ad4mat.net
static.adsafeprotected.com
static.amcdn.vn
static.criteo.net
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tinhte.vn
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
cm.g.doubleclick.net
104.90.104.248
104.92.72.137
123.30.151.76
123.30.151.81
123.30.151.88
123.30.168.3
123.30.175.112
123.30.175.43
123.30.175.51
123.30.177.116
123.30.242.13
123.31.39.137
125.212.247.214
125.212.247.8
138.201.63.150
138.201.84.245
142.250.179.130
142.250.185.130
142.250.186.130
142.250.186.134
145.239.193.130
146.59.70.99
178.250.0.160
178.250.0.162
178.250.2.135
18.156.47.94
18.66.97.9
185.64.190.78
185.94.180.126
2.21.141.232
2405:f980::1:10
2405:f980::1:13
2600:1901:0:76b9::
2600:9000:224a:4800:1e:a43d:b640:93a1
2600:9000:225f:5e00:8:48e:53c0:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:125e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:807::2
2a00:1450:4001:802::2016
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9b
2a00:1450:400e:80d::2001
2a02:2638::18
2a02:2638::2
2a02:2638::3
2a02:26f0:f7::5c7b:e051
2a02:26f0:fb:5a3::7ca
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8101:6a54:37cb:fd61:b021
2a0b:4d07:102::1
3.126.56.137
3.33.220.150
3.67.115.82
34.237.61.1
34.246.197.130
34.98.67.61
35.186.253.211
35.244.159.8
35.244.174.68
37.252.173.22
46.236.13.147
46.4.62.19
52.213.111.123
52.215.248.120
52.30.107.253
54.76.176.197
69.173.144.139
78.46.85.162
84.200.5.215
88.198.250.30
94.130.102.164
94.23.99.218
00e911afb03ae0b0fee67182394d6198c0650fd0de9824f1ead25d2fd9a4870e
01b8f0af105e0ada2d3c18d779e290524ca4a325d20c5039236528ada5e80ea9
02627657cc895345b5af20ed513f8206431bd798c1897826c75d90eb42f132f8
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
044d852b21bc3bc8fe606adc9abfedf0254e01b9e0b384c8c21c14ff13e94bfc
046936109dc39d4f3bc4db8ef2a0346727ad405a30f6d78c807d46153ded680a
050104f4133404fdc6fedbaf4f93329faa2bec4ae2a72fc03a802158ee81c074
086ecb10f2969462c0a9f99291cc51a2b8eee42dbfadaed98dbfefadd94a59ea
090aeb5e05376a08d11f636d5c602f1bb8cf61d7db2a2ecdbdb53eb02d646e36
091ba54ab7ec0bd54d45635fc4d137c00d58d2ed91c55b104467a95d3a02955f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
095ed2990bb56460546996a4d6cb7f1ac78a77a4aa838580d1b5f4a4f8b10d6d
0aaff843d07f3d074dd6dc797a05226cccff351ee6ce849b316070b54a6e8701
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be888ac8900465617f589d4248b98a9e0a16665813070a975bebc51a8990be2
0c5572c936903c9d755f7d3e3f5bc96f84843f82c1ed24bb3d54ed068c4142ee
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e91b8b28259773e31768c7432fc9aa55efa11b57900a7085a754e80329c82b3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec09a1950b0dd4489389e16dba633b49a000322539cf61340e06b28f5462e27
0f0fb4b01ebe72db6ad4251b31d6849c51c5423ec62042a77923c876b0341d54
0f1e24d28920644dc123be8b65f95e7ec512149e1434c8da33bcaefca5993237
100e523c5485c1e215d34e9e25e20d0050c0f37ded3349491d5f7647f9b2f28d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124a16c1b22547c7c9d773529921ec539780c9119da28e705502fd51b80b8696
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b126d34a8400aea952c0492d66f2c1b13b2a6bac3b38245bdbc0b437838254
17527ef4ac81e67813b3299e5a221f1dc6dff9c1bb268289f2b735d425259f30
17beb724d6442cefce729fbb45d21875f3394176eda9b0380edd1fc59c013879
192873853d478c9c58b6ea5154619e1a16398ba8d18e107cde2b214de16eb2a3
1a700bbc3eba7686b59511a6fba2ca86361f0147f540aa68372ac2519d460f6b
1ae24aa1cddde31430e323dcd8376e202aa0e1b3090345656ae63a488565a40d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24d223d0197b4bb35fd2457d335cd840d00ecbb7746d3464dfee4a9ca141616b
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27b239a420ae7fa374d0f9c8909df92e5244562241a00b5c3f2927dbe145f8d1
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c57c65c9713b2970f126912abfeed682d8fa9c7b081c9c0275b4548a12d21c6
2c8c4577d766f4752a68652eaead07ac404c2c1da1c97d446645e7a37bd6936c
2c94d7f479e66a2ae853b8b05f186f1cd35e2c77868dc5627eee04d01f985725
2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dc5d31e2cf1e29f3430eb2dfa1ba9911e08ee401b61dd12f40e0acb047a17a3
2ea929e34bae3e6e23a4cb11f33f500d91426bce9e5877ca36932fea0ba3740f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f5017c2cad0e876dcb066b8ffd61f2e93ce20c5876f2057c075fb30fc9208c0
30aa3e8a9ce94fdf91bcda4d86c5787ea51e19745e6ccd92d579376714746a06
3153c27085802eefb01b348d02b285449539b7b2217dfe15bc38713cc143b166
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
32d093159756c9c2270cef89318f1e0f77e97ebd48e38156df4c28bbc2aa91e5
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33ed292020df6ab75f33a2ac4835482b40029f36dccea2b025f5d40838715538
35ba2d60fc5980a5938abedd0b132d464e5d6858d0c09c17f6fde36502b25e51
3724543e0e8a60152a42a8c091c2e37e8a3412a8d6c606d1b79d6f30759943da
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3a0f971765cfd5b5e07a86cec8ae4f80a1f8b61f707a70c9201f386c42975e8d
3a5326713f2400af387d59d61486e25730a0ea78d036cfa3a748ac263a422a7b
3cc8de9565f70673f6ac39fafe569feb02a07ff8ae9125bd22d51ea1b6e59462
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3ec7197444dfb5b963a95a856694e736775b22725b5641a0f9d645e5e626cd44
3ecad2f79ebd41ceb45a05928997f84f0aed2b584b6236b223238aac78ae6163
3ed1d10628f647897cd87e6711af68302c2039e157e8002d660d91119ad3d17a
3f69f34394b8917eb6a6fb4e903d597a0248e06e11e01a760009df39c7fe8314
4088a57f5a85cb20abcefe95e002d9080e33d87c7a1a2bb54f176e19c1b8e184
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
45938bf50a75bc2a012afbd642eea832c2b933114d546ceb4a505c8d062fc551
479a5a8ba049dc0c16a8aea0b2e3480dde08fdaec9510d6b00290eec26641e1f
494fb40acd465b9972857bf45b1a26d60dc20e3b522f94432381b0773151c2e8
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a588ad14a32de067c8e586e763d5fbff778824c62be5b4bfa8c94b36b149662
4a9311ed0f0c4ed97f84a4d4dea6b7009148d78cbe5c7f693be362f5c7b080e9
4b543a57d544d01c76879e1d9051f388ec08b01a85312119c3f92a4037f3d9e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1d5cf816a4f12151b15e1ae423892aa7dcdb76272cf7a2dcc1c3bb507ab8f0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3a5894e71628ced83517280f213abe0328eb324f06a6d0cb2886f7501f231c
4e9db017155248715a973e4ef9de72901acc22d30d50f8a7f9ce7cd29ea9965d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ef77c247263fdc6e0308a69334a3064176a1f4803e90eb0b45370231044fb2
5167af471ae9d0e6397195522946e9fc14e3fc6c8ef349a8e497a079dba81632
527518673a83e9145dfcf4aeb954dd457d70ce41b89a54a2469edc2890f48a98
535b7acb6e5a1569a76fa15f88a4c37d9e09d30593a13729a502d4038d391b88
55858d6d28844c52ec228f8c960861e41ffea3f61e684eae908ca7a1cd946785
5591b3daad6af265de20f4a9ad57a5e672d367fad48d4e8e659bc2b5fe6a13b4
5595787a462d7a21960327c560310d687c149bd8e7722645d0395eb29eddb44c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804a4893b9e900006e1efd5a0c070eb82ce27a023aec65f78b44767a9efb256
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742
5c000fc3c895b7b703ddde26da0f477a9c0d8375d4cb0b4b32cb796a3a3e16c0
5d760aad03bc4ac8a4fd9068883549af9c1dc154081f62b98f0e493748ba91f8
5e1c3f33497aa6d4634f97ef899766badf413e3600c94db6dce7bf13224c0cfc
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
6041a8e047c178797edf1799c9ee9bd31b8ed148c64d8ea306f22e523f85c5da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ce3d5efe216b655b63229b3452871c342e210b8da04e02a32638518e4acbb6
62ae9e5ab6b145b3adba8507c88e2fdee9fbb3f44c945b5dcb5af4dd3f335f96
62b31325228b88985eaa861118d77efac9de9216a1486cae9a22665d6e37ddd0
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
641c466f4ae65627c9e6f0b74e49be0f8b49decc483f0e65a5e6c4093515c23b
646cb84d81dfc94326d09484b9b4a57e822f2173117a1fcea2acbc6c2bde3287
64d1c0b5581fbf6cc7c78a79352903fcdf903b4ce5070d4106469b15c7ffd7d0
658b6e82561efba7dc3816608f2ccd5022bbb7ba15b81a4bd50a3a783da7b020
6599d17a2ad8811cbc94f22260f064283c021199ac4169087f32d17d16902585
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68e703bcfbbf22e30015001718e92ff5940cc79bb31316750ff76e7d5cf61ba3
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
7020b1a5e5545b28092a6791ffe0b05544aedf190211e14b2c2db5c92298140f
70283d549fee6151ce5fd76fa0fdd4c5ae1741b25f41930e1d1245717b55ef39
712cc0dce8f2ff4f28dee6a611ae13a6845966bcac7926bf9c5f67a0eef44421
72dbae5ea7cf4802f48cbc7576b59bbc166f0ffd12bfb67c8d962d89a7f0af21
7322666005dfdb2c9705a8520adc45caf228b202f70a8768d0841e522a8631fc
73efd8e57c3426b6fea6d17363a4d3a6c38bf063b747b009b54e34b2db79689c
745f43e1ad703e1a3284fca5f58914fb1c635ba746b8e2714dc042c08298f719
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd
7eddb2259dd579a777d00e79511e7f265ddeddd3aadd2dd48a03bcec7498cf22
802b5ce73592b47ab3a7450cbcd86407490be93eea2285e110def0083b82eadd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83813d865845a4426195e707ca6776160285f5e380388bcced04e1fb1cb98a64
8409ddadb3657d33491bbcbd222b83c6d2b7941bb956be9ba148ed4bc12172c9
8418d845d445279e24530524409e38642eb15acb4f46087fd46bb352486ebcaa
84336382b409b34c47e802a0ee62875d632123f9138052109f22ec5caafb874e
843f199c8fc26348619c1030edc1af8961b24fd229e40b5750422d8ece730a66
84c2ea0497b2eff8e1380858935d4bc1ce22d10310fd556ca2ffbcc2526f708d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86455544b1d046c7723c7b0c19fddf959e2e1903fba3908c11e5d97758030bc7
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
890e64ed2dca8c993342aab183adbb518fcd8f6c9825efc63522587244ab0caf
894179a40fe5bfcaa822c7ed86c2b140b528c9d4f7f0059669b34111ead36ba1
8cf7dda882e3ecbb1148f8f27e1ec7c8852579bc8479a0f086415f5ae8099b58
8d07ecbee52d1424bf8f1fefb3fba71a976cbbd7f6a4513e7b72bc09f6193765
8e07b3198d3b3023f005b24913cc6f02e820873b7e21e1d9520bf2f89e64b329
8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fa4007ae24286402a70ec7e1383c2346e6b9f49aa7307abfbf9d957d8253e63
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
910f32e1d6020fe77642d6e814158eb5a7274a465c090126b4c9706eabc0f798
914798ab5d2f06c9e09341a9769df1848c7618587e3aa657e3a2ccc4620c0dbb
91908bea2f90521f73741cb769af1e3f96455e4f92a5a053bfba21c697269bf6
92cdf2a69e890fbcbdf1affdea54190e098e21f97fa007db7244655a0d9ee5a5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96708356f09dd15891b3b4564ae0b4d70a1439c66b46bc58c4f15c4b8f566dc6
96a531f5434b8ddd141b92cabf3d69d37374bd0b9ba0305547e3e014fb5b9dee
98952174f97731cf91afb6093fea664a2ce5939797f192d1ae4ee003bd21988f
98d199db60e8345aff777954a118cb8a2952043a6208dece67f848c73390a5ef
9913f4d49e82dbdc71fb83e0fb6d3bb9a9488ce7b8ccc0256806c5cc2dc7ddbf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac869e1f9637979419b90a86f7ac246d9672f153b28be9b20d624bbcb6baa36
9b7c7bf5c4e6f680db7a443955079d0624679c918a96a95626a7bfeb79ae27e6
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9d67aa5b7c9ba83630611e222db37d296bea8bf2d28db047e69bed1c01ef6acb
9e64a159c0ffe87b8a2d15ee3891c49c2705a0f898d9adcd865ffbc57163ba46
9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09892391e0c0a4a3143fa9d358036eebb7949af6641bce45f51ac833b609149
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10a30fe77c1783f28469cc79ebf3ed5ec719650e3cb5674967e3ea419107547
a170573fbe5efc3f98ee6cc7a10e68540fc6829ab8d9f5df424b1c86dbe6d2ae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a48adebcf2e9a4324902fa52d4b3c4ddb47f4a7d57af8736f659b568fc7d92
a3f9e8f83d73bd3da9cd0e98d1d3be4ec421fc8573c95bd277854a4d4eea9ca4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e43c5d015131fec23100c79c1a133aa97ffb208681400ea395dbbcf0452e13
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79fbeaa5ac66e22c54579f807d787f4bc5dfe9bf9eda4f278e5549f8c8d80af
a7fe040c480d063fe0748cb10eebe8ff1042da8f1fefd2e77bc66fb5a50f7805
a904dca64adbcb280ebf7e9aedff71569538ddcdd2966fc5c887ac49d845a7f1
a906aaa77946be7250435250a64afb95ddb7e97e161b44e5772fa71c264b73a9
a95ca1b12e9363f9ae590bb8a767cccd45174364b44833624691822ec63c55b5
a9c34e41f55683584c7576b8de7b7f956ed726a8751d5f011e19812195d50cfe
aa1cebcafab2a2b388422e9014d4dfaa7019de12ac4e08e0e9d3b9f984a28239
aa2b7ad8235fa3238c0dffed231a804d1a32914c57c23711b4488f92a9514846
aa757229dd475b6eb8d464b1dde010ec23b4ff478da2124daabb10b80f5fcbc9
ab5654bf1a5ee5c9f0f3922b96de788fe41cb2f87e0e1cf58569f39303e75edd
abe98267d83b989d8b48884bcb29c2d58538eb70de942e5ffad5a6971d19a433
ac28e1764efb4889fb49cc6a23fe7ec2f0ae38159c77fbbc09464f3733feb6cc
adcbeefdde784372fa40e998783b84fd277678130f8495dc76613696ed1d87b3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04459c2b27ea0aadbe9c2b6eee0a58c02f46b860ca3a7ca6142e0aedb013a62
b0cb89a45d4cf607296f2e44ece00e316d5ff0916072d513a06d83cdf7680dae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b46c40bce39aa9fad8d5b873877b321d723fec9a9b0e685d5bbc2e3320a5a5a7
b6cd300e5defab2ac91d8d4fe7569db7a241b64f1d410c6d24dbf2b3d4438d04
b7c6c98c959cfa75a37af0886b1c71f9ab43fe7576939377defeacfeb7719da1
b83eee3486cfac26c290d0d41ce54ddb872725faefcaa238583d66d74dbb16b0
b8c623429c5e07dac6c0cd5edf40ff25496628f870384807d6bb31714cef8b2d
ba155ce79a760d3b2c9b07e1df693506e249854895efd9c0b0eb34bd02c7c82a
bb37fbe4c60f6077fc93505ad01b0c59ee1f0aa258555d83248197c6f15efa1d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
be26b356d902d2e2183d921f5869cb107d1b02907edb78e3620e13e5775e71a6
be3f9a55ec645fd5a42c8dbda5a5b3c3b43d4a0e2983f6329b1014ada876bdbf
bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c29e1752bc9b3a7313894034f6c3a197e8fbe28a6f9fb5a858d25f655742b540
c2c03b5e11f66a2a03aa75b24b9028130bd14cd912df196468a9c0743fff5cea
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c51fd477f6b38663ed383a9ffd479cd5a900c7f678fd9b44c551bf88e9d73bc0
c55e5dc3172565d49900e73c04786827ba15c1826425cf6fc0db98ed1d8c0b77
c5aea8ef6e1dc16c18f2bdca876f57e556a1585435a064f6aae08e1b8a0f6232
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c7501bf41030689919d7ccb678292715fcc08dd4c6e80fcdc63e4d686d787236
c7b314bede193e724fbaddea45d80bdd780ce70251905b7c5fb3f745567c4d87
c7ea03a707f9fbfeb7260fc7306233d3b8dbb9fc9ac8603a54b8c89cea276a2a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cd82643b91689e4ef488478d382170fc4951d251e1b45b35527ef634fc0655fb
ce252b5f9b60739252a1b2613d1854ff770398b3363f80c83f6e2bd5f16132cf
ceb6019241751dffe336346c5c4540634a286aa657911b6766b77e6ee4da3620
cf2648dede7a4e974bd3caa8dd38443450e7a1a29b764e1b9cefb0b6ad288bb9
cf974a517ca9443c28f017a0e6867943a14ccc4484329d9c296861981fbaf9ff
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0c120214f1286dfb611184b8645e8e700e978f9d9d7b947cb39dff74871b898
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0ec2f94d09bce29d4c929862866e00386eea7a06b8f7467520310ea98d6b95c
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1aeafadb84a84267f0b84a32f67b5016956413958f008a034d25e9e62f55a40
d2e14407f44af9dadb4b23e721a357fcfc4a861e6bd850f6bfdde44f5d91d017
d4abe0ab3ebdcc83eccd33a616828aef540e3eb1392169c9cd97ea71ac6dff2e
d533e01ec646c78eb6723ec5df7ac706d07d956321dc2b851c6294cb8a6afadd
d5d36ad03606818294e3d6c65000cda432697ea567bb86b72c98cd6928b3b7ce
d60213f6262d93ffd58e9e140c1179e07a1ef0f7fc1329b61479d3031ab4b82b
d7115cf06d4df2dac1341740391401d708853a555b5b5bbfdf135491e9e58446
d7c04fd7b81458f45e01ef6874ffe15fa95226d7ba3eb1bc6ed2b67596c17319
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9b8a32e1c8ddf74e7269b9b334e774b45119c87252cdcaf9e34917eef7c2fb1
dc126e2a9c8a6711ae603203ba1e009a32614a0344b168273100e9458e5528fa
dc1d01deec9eacf15c44dd2aa1f5b5547ac0438ec1fc23ee12abe91e6cbc8088
df6d923e4ef94af0593fa6fc67c3f269945c259dae8ad1a9843de972aff9a2d7
e056f74a1af444d057bf3f1e09dcfc5d2529307fefbc0f66ecad9509c9f5a4e6
e0c85fda20d3f75555f7d182072b04d5952f4e7f906c501a27abfa55ab67ada5
e11bb0fb09a4e42f3ce7d5911a1903de3f0cfcc08301edce333f851d54bce94d
e2085f33d66560ce39d7031da60131bff40d1fbf1a841bdf4c5c2909c53d7738
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e48227ab002b73c5b1a01b2e6fa51b614a3447736c1f06d19164af64dd8f7ee9
e4990d3e0028e6fbbb2a40f6413bd248421fad4d0f9542e49ebaf9e6da2e5583
e4a3bc6e4ac3190d81b7dbaa239f372bf997fbd43b7fb1979b9a20ced137ac46
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e591cabb8b6ba2d08a80edfe4b94789d08165ed38a4717630600ab8e717d3038
e5ed580c45b5c17722c0333fc6efc7c76d8284c8b673c22ba2c45343afdf78a2
e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f
e6dfd122ec776f1401518366b7a3aa996ee8dc5c4ceba7d1340ecec12d1e6114
e77a090527ac97d11f27313c82684fa09009c201f10fb45705c3016f6477e1a7
e7e275e05d4f6591161b937a81a4e8b16d253bc3745f66dc1e6833848efe08d2
e83704c2259e615317b6505c1d82e582448d79b7975215fb823ca64920fc19e4
e8370dd5cad832657dc3f7ca968e56a88aa3d3924c37be3a392fa5562b91d0ce
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ea9e39ef7d6483f5a11431604a477f32c303d9b6c11248ac82122137db0c1ed0
eb03d282c302450c7e92745a5a610243900e1912ed1e728746c0752940478202
eb0bcc749b956d8d503f0656ee073c30c950bebf54e9bfb438fff3592b6eaf05
eb524fd329d62647b3a41babbcd6983328026ef05521558a23a4040a2f07f14b
eba13edec073c7020325e996918b34cc9beeba1641fefdd88a1f00262baa2dfc
ebca386a3da7b767a27b3510eeaa687a2cf9dbe288432f40246890f4bfa46437
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecfa156e6137f15beab57ab65c3067ca8640d7b76cef07210618ac88d5274f1b
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
eed093ba9b853ddfd0595e19f46c18b3794ca75be2ed9be249d38e0b3695a832
eef12d2d2f180da68329cbe901d36b2bd6b349b015c373b1f972b47f8daa2410
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b0e22c0498aecd4cbb86df9153c78f98b1735ee693423d19f4f02d0d429a1
f129a644d5e38e00d46dc1b23c5b05efee3a01bae02a491211b1c7e796f4ea96
f3378fe46260af6db69f15ecf07deddc08fdae31ba4b56a33be3bf395448d016
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f79a04353155744d66c819b48177c519ad891e7c11c1be87b6db41c70389b0c2
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fb0de6575a8aea2366c7b48c6ef3a336883873951bc9d0d7c449ced208d7265d
fb811b2d43afd60ad897498b2fda66b7e11fb46c4bec9fecaf82a6957f5fda0a
fe3ab67edad59cd989c5d84574b0f9fe2614664cc55b803d808cabfe6cc4050c
fe8c6388e6b63c783351a1368f1aace1503be068747af86e818209f2aeecc96f

tinhte.vn Open in urlscan Pro 125.212.247.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

493 Requests

89 %HTTPS

43 %IPv6

61 Domains

97 Subdomains

81 IPs

9 Countries

7540 kBTransfer

15523 kBSize

77 Cookies

24 Outgoing links

Redirected requests

493 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tinhte.vn Open in urlscan Pro
125.212.247.8 Public Scan

Screenshot
Live screenshot

Full Image

493
Requests

89 %
HTTPS

43 %
IPv6

61
Domains

97
Subdomains

81
IPs

9
Countries

7540 kB
Transfer

15523 kB
Size

77
Cookies

493 HTTP transactions
8 data transactions