tin8.tinxahoivn.com Open in urlscan Pro
2606:4700:3031::ac43:88e4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Submission: On November 22 via api (November 22nd 2023, 2:51:50 am UTC) from US — Scanned from DE

Summary HTTP 338 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 43 domains to perform 338 HTTP transactions. The main IP is 2606:4700:3031::ac43:88e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is tin8.tinxahoivn.com. The Cisco Umbrella rank of the primary domain is 552479.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2023. Valid for: a year.

This is the only time tin8.tinxahoivn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	2606:4700:303... 2606:4700:3031::ac43:88e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
12	212.124.124.115 212.124.124.115	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
4	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	123.30.177.102 123.30.177.102	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
19	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
3 3	52.28.254.225 52.28.254.225	16509 (AMAZON-02) (AMAZON-02)
20	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 5	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
47	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:be7c:8786:5b47:1e53	16509 (AMAZON-02) (AMAZON-02)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	104.19.128.72 104.19.128.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.19.129.72 104.19.129.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9281	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	2606:4700:10:... 2606:4700:10::6816:30fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:e6:... 2606:4700:e6::ac40:c81f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
5	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	35.227.207.122 35.227.207.122	() ()
4	2a00:1450:400... 2a00:1450:4001:828::200a	() ()
1 1	35.204.158.49 35.204.158.49	() ()
1	18.157.154.195 18.157.154.195	() ()
1	173.231.16.77 173.231.16.77	() ()
2	2a00:1450:400... 2a00:1450:4001:801::200a	() ()
2	2a00:1450:400... 2a00:1450:4001:803::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:81c::2014	() ()
2	2a00:1450:400... 2a00:1450:4001:80e::2003	() ()
1	2606:4700::68... 2606:4700::6810:5614	() ()
1	2a00:1450:400... 2a00:1450:4001:812::2006	() ()
2	2606:4700:21:... 2606:4700:21::681b:c358	() ()
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	() ()
1	2001:4860:480... 2001:4860:4802:32::3	() ()
338	50

41 2606:4700:3031::ac43:88e4 (United States)

ASN13335 (CLOUDFLARENET, US)

tin8.tinxahoivn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 212.124.124.115 (Reston, United States)

ASN47328 (TRI-AS DigitalOne AG, CH)

aj1559.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 123.30.177.102 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

server.zmedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.254.225 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.165 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:be7c:8786:5b47:1e53 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.128.72 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.129.72 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9281 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:30fd (United States)

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:c81f (United States)

ASN13335 (CLOUDFLARENET, US)

player.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.227.207.122 (None, )

ASN- ()

pixel.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.154.195 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.77 (None, )

ASN- ()

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (None, )

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2014 (None, )

ASN- ()

0-3-216a28-dot-living-bio.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:c358 (None, )

ASN- ()

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (None, )

ASN- ()

cdn-gliacloud.urekamedia.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::3 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	914 KB
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	1 MB
42	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 securepubads.g.doubleclick.net pubads.g.doubleclick.net	273 KB
41	tinxahoivn.com tin8.tinxahoivn.com — Cisco Umbrella Rank: 552479	883 KB
19	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 dis.criteo.com — Cisco Umbrella Rank: 597 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	184 KB
18	steepto.com cdn.steepto.com — Cisco Umbrella Rank: 91574 s-img.steepto.com — Cisco Umbrella Rank: 70323 cm.steepto.com — Cisco Umbrella Rank: 61811	225 KB
13	gliacloud.com player.gliacloud.com — Cisco Umbrella Rank: 35329 pixel.gliacloud.com	200 KB
12	aj1559.online aj1559.online — Cisco Umbrella Rank: 60218	86 KB
8	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	402 KB
5	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	319 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	440 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 599	3 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	106 KB
4	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8705 c.mgid.com — Cisco Umbrella Rank: 6710 servicer.mgid.com — Cisco Umbrella Rank: 8714	103 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	159 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	926 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 912	3 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	1 KB
3	zmedia.vn server.zmedia.vn — Cisco Umbrella Rank: 71361	38 KB
2	plyr.io cdn.plyr.io Failed	5 KB
2	adbro.me tag.adbro.me — Cisco Umbrella Rank: 23603	11 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	35 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	207 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	1 KB
1	urekamedia.co cdn-gliacloud.urekamedia.co	2 MB
1	2mdn.net s0.2mdn.net	17 KB
1	jsdelivr.net cdn.jsdelivr.net
1	appspot.com 0-3-216a28-dot-living-bio.appspot.com	1 KB
1	ipify.org api.ipify.org	222 B
1	bidswitch.net x.bidswitch.net	146 B
1	simpli.fi 1 redirects um.simpli.fi	715 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	279 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534	63 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 11295	145 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	714 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	609 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	551 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
338	43

	Domain	Requested by
47	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
41	tin8.tinxahoivn.com	tin8.tinxahoivn.com
33	pagead2.googlesyndication.com	tin8.tinxahoivn.com pagead2.googlesyndication.com googleads.g.doubleclick.net aj1559.online www.googletagservices.com server.zmedia.vn tpc.googlesyndication.com imasdk.googleapis.com
20	cm.g.doubleclick.net	googleads.g.doubleclick.net tin8.tinxahoivn.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com tin8.tinxahoivn.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	s-img.steepto.com	tin8.tinxahoivn.com
12	aj1559.online	tin8.tinxahoivn.com aj1559.online
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	pixel.gliacloud.com	tin8.tinxahoivn.com
8	csm.eu.criteo.net	ads.eu.criteo.com
7	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.google-analytics.com	server.zmedia.vn www.google-analytics.com tin8.tinxahoivn.com
5	player.gliacloud.com	aj1559.online player.gliacloud.com
5	cat.nl3.eu.criteo.com	ads.eu.criteo.com
5	ads.eu.criteo.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.googletagmanager.com	tin8.tinxahoivn.com www.googletagmanager.com player.gliacloud.com
4	fonts.googleapis.com	player.gliacloud.com
4	c1.adform.net	4 redirects
4	ad.doubleclick.net	2 redirects ads.eu.criteo.com
4	dis.criteo.com	googleads.g.doubleclick.net
4	cdnjs.cloudflare.com	ads.eu.criteo.com player.gliacloud.com
4	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
3	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
3	d5p.de17a.com	3 redirects
3	pm.w55c.net	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	server.zmedia.vn	aj1559.online
3	region1.google-analytics.com	www.googletagmanager.com
2	cdn.plyr.io	player.gliacloud.com tin8.tinxahoivn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	securepubads.g.doubleclick.net	player.gliacloud.com securepubads.g.doubleclick.net
2	imasdk.googleapis.com	player.gliacloud.com imasdk.googleapis.com
2	tag.adbro.me	tin8.tinxahoivn.com
2	cm.steepto.com	jsc.mgid.com
2	cdn.steepto.com	tin8.tinxahoivn.com
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	dsp.adfarm1.adition.com	2 redirects
2	jsc.mgid.com	tin8.tinxahoivn.com jsc.mgid.com
1	csi.gstatic.com	imasdk.googleapis.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	cdn-gliacloud.urekamedia.co	tin8.tinxahoivn.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.jsdelivr.net	player.gliacloud.com
1	0-3-216a28-dot-living-bio.appspot.com	tin8.tinxahoivn.com
1	api.ipify.org	player.gliacloud.com
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cl.imghosts.com	tin8.tinxahoivn.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	tin8.tinxahoivn.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
0	sync.search.spotxchange.com Failed	tin8.tinxahoivn.com
338	64

This site contains links to these domains. Also see Links.

Domain
ascendoor.com
wordpress.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aj1559.online R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
server.zmedia.vn R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adbro.me GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
gliacloud.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-02`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
pixel.gliacloud.com GTS CA 1D4	`2023-10-08` - `2024-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
1065237104.rsc.contentproxy9.cz R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Frame ID: 19FC0384CB80F60B4BFD61EA6D863D1C
Requests: 146 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 41E58BE3A12F66865C53F224250D7033
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1700621501&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621501487&bpp=4&bdt=410&idt=163&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8491574885203&frm=20&pv=2&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=908218760&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=190
Frame ID: 517106D91FD84E71DCF5D6D903D397DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20
Frame ID: 155B55FC6EFC15C323A2071BA4A14533
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: B17B7991BB5334E1CFFA48440133A84A
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1svgAA2FwCO9dUAAMEQu5H4KvyHqIm_CiBqA&u=%7CHH2ib0ITAgqwRlGNIckEOw9SSbSyyl9dNn%2B2cbyMyog%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe-gsqx7QcQj0ByoNabXMVyrX50foR229MVi2eMqAfJHTd2LbvHnxXFYLLvcQZTUre8p2o4LUP8uqeMlxJs2_-cOZgUOGN4PhDAKgeonBn5qmMq1TdJsuqnXOP2T7i8Ksw-TrMUedYB83EA2F2byNbGbb8LThsNQx82e14gv-hJhxVg5Pr-aHaLuoY4GIpOwCtLHg7943OKiCP3oBWtPpvRvlRd2qEDC2YklPdt0tPYXvUpcBgixjG5l-wAWFz77kkaX-EWWGWNC0QOdQWwfe80ZoEvdVQDBJ24v9wzTFMBGZgGYkfjE1eZl3VdAcEwX1dCHTRjWL9ROFeTDHmZaEJc9-MLbV6y_09uecIJhOF2EeqcZisSWvwwlS-sGEa3E_2vIKNNE7qcXb7CrNlcmpNJP3g61IJBdwMko2oBbJfJgeDkwbO2uxs50OVAWXWR8FKE87djOjw17wQywdv6QZBT00hl_XJ378eiSp_DklhSxnDUrBp6pR4L0wmi9hodj9GaVawymYlUPZU4ieZvQ7AU8Yal090IE3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWB40vmxdZdywA9Su78EPwoiMmAXJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSEAk_QlbNVUacNi6GZG1FKxFV6fPAcXZZGOXsKGCwxp_rpKXa-byt5oOM0qgmDAjBkOrSl8Ox_81ZVtG4xM_Q6qJ5Cz-YD7BsODh-q4iuO7tmmqO0yUAPMpF2755uBYhovJR5Nts_Eti4wBQYdhiw2jmBCSLKjYpwIIXkOsm4rt1KK1JfQrTGM74mdN--KmIbP1zy8Uqs30jANLZLrUGtMmOo3owEAWW_Q90zZdhPpcCkEdf4VEAQ7JTbVYtDWEZk1QJloTq5VmspzPxw7ZXHHNolo4jMeCPrfkKOmLagoRrERryGLEueScSCNPeN2TUsmXQ2hchL5-FBcMLz_0iNJ2zP3cM6pgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S71E049cvxZ0XcoPd1zYLppZkTw%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: 7F1F5D4CCF6D87CB219786400D948D66
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FBBCDE2C5062BD66CB17FE41C5B0F97
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1svgACW4UCO8-NAA-N5aLV9QKsIKpQd3tPPQ&u=%7CHH2ib0ITAgojBenMga5Kdxvmb1q8h%2Fh4xlvVQNGUL1M%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe-gsqx7QcQj0ByoNabXMVzLsk1cS1XTEAbKkXTYoZWgB9xCP3UVrc77I7cNvhlUs1N8O5DAT1DlQBD4yxpgnfrY-j3JBTOS7aVmYVxGiILLYFe64nbDIfUY5jN5mYErKFzc7IdWSWowv48YAfmBNZK3z9jC42wxQ_rRXEghCbAp_zzdOZ7cWZB0JfLVp2w5xxRC2MtemjwEMT7nO3CgDgnPg0b91q8jMJLxj7_CFDKIb2Qj5hItnaLPjW5qiiUvbEd5ZvvbFTmKUSV1tpobiw4T1-VFvsoAWJj0k2quDyjXMl4sC9HvZnqgte7ggmy1hRXVleUYzfCoF1wL--UjSL8L34Fe5dIlOlUou9T8nN1XEG-msJP8r8xUpZQeabikOSyMMrCvm-AKzbWDAWQ1au0AxKoRI2fJuoloYntLKesVFQUj_TuJYNVBkjRcdSOysqSPVe9wRy69f6fSGvqBgepvT-iFA3QJyQ9uY2Eq2FDv_ELT3PpQhjmRVZOcwaxgeGRV7CW6f12uDm_Bnt1Zk_KbNKAm0qMEBWVvPt8GVfs3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC5ySvmxdZYW3CY2f78EP5Zu-qA_JntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAs6uyc6GTrI-qAMByAMCqgSJAk_Q6yYHGSmzE4_EntKLkYxmdQw-V1B84Pxo15sTFeyFaMcCjaFMWdCKR9JONt4W7iHky8nU-fTSnFmTUCm7GOtC4oDm0um8z9wbVjSHhNDqYi-I7gmX6ASyfYHcD-cQWeaZXCcWkLZd5qyZzHBIWlQpaXBrj_2PCGSaRdsiUcYers-YMVqbMggyYKegS2NozgSfV45JVM2Oor8FJmdu3QmM7hXzE6gqtqXJjBHgy8au3k_lMdl3bOUVF5un8ZQFcfxv5A2eZ1uEmir_dYWP4ovBM_bOjAexTyZCrFX2R829WPsYJ8A6linIBhUchYvfmDgKkVCGyQzrElxPhhca9CaRkXnt4dkYIB2ABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0MTTu2wk1s-IC305sy2kpsxmuqug%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: 0C953B7F76D1A0895606D59F4B0303B2
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 454E7645330BB411E885930F0F340A01
Requests: 9 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1700621503145998588219
Frame ID: 58E8FBB14573F1FF9EAF32B7381EB28E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: E53FC0792048119CA3BD79766789D4E6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185790&lmt=1700621505&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505619&bpp=4&bdt=67&idt=79&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&nras=1&correlator=8491574885203&frm=23&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fv2ac081ig98&fsb=1&dtd=105
Frame ID: 4B9775041022BB4C65F8E0DBE34D15C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=7796836873&adk=4253876812&adf=3279755400&pi=t.ma~as.7796836873&w=400&lmt=1700621505&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505623&bpp=1&bdt=72&idt=118&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=270&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.l63iodch9xxg&fsb=1&dtd=123
Frame ID: 5E8D3E64691498FB377C5D683E4D367B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: B6B65B095681816F8F0C36FEF9D09848
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B93BB8621BD724615F316F2FA038EB81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D2B8D2A0BA8FD79878FBB331A7E3E44
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185791&lmt=1700621505&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505849&bpp=4&bdt=78&idt=95&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&nras=1&correlator=8491574885203&frm=23&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iqcjf49rzlez&fsb=1&dtd=112
Frame ID: 1F6C53A5E53A73E2C2363CEC95E8742A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=5127037000&adk=1698990200&adf=3279755403&pi=t.ma~as.5127037000&w=400&lmt=1700621505&format=400x100&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505853&bpp=1&bdt=82&idt=117&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.zfishtrbytjc&fsb=1&dtd=125
Frame ID: D744F5B0C24110AEFC3DA9DA669A30E7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87DB15A2DD5B02BAC15030B4FD0BB5EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AF08AC42AC8947D39AC2422E9EBB10B
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swQAL578CO9dUAAMEQinai0CCD9xV5P7nSg&u=%7CpJ3WQi6EmEdiwTPlB%2FFFnPbewXAkInM5e%2F5rJmgcXfE%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-6frMMVgtFyD9UEnP5zsHUdtRkd5vOLWBwF71FhG0uSmJXaBoAvoAonhebQaPtw_tcumgLl9mbFDrylQIqHxfPRUtk5ab8XU4BUP19yE7wCqEXWdEi_ayvNdXVsuxS4P4_FBvdhNtijMA8HVRCONQs8-QPp2gfKjHzORak7D-4l_j5BhSalyCqokb90zzu063Q3ZHL14yQL2xufsOb_pOwrjOLaSTigtOx7K2WlYob-ZC6VWl8rdY4B33CUNoMTHMJVsZ8HoFuctt-aJSIHrS9msWb-FU8Cz8qbn5Z43copClhgwiTjsfqqp920aRFpgLXZMHuQsRbpQwCtMYLulHw5IVAccYYYNhKgAnT84ssRw9bGduRSujj5swDL186xef_fBHLhiFwyGc1qcWEBM7wIsRxycChPmC-nbBflq8NWqaCqXLNIVa14ekOVxkby21WJweISZGz2bmprqOOmo-IDWLbtA90_Kc3Th5PXn0FZcyLzSLiJoc3krJPnQC3M13-xWxsFMazsmPgQlpn0QqD7JDj9VSKy2_qJVoiZj1DZtAflHjHh6eEgQo4npse0xDLM0GORgm6KNSDStAaBQaFCrRLsYAmobog&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO8lywWxdZb_PL9Su78EPwoiMmAXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSDAk_QJ_5eBNnm0Bej_21p_XmcODQPQtQZ0-0TeoVorGVMuM9IsbaDthvO__JCe1RL9I8Idrq-NVP4aIkvLLJVNgDm2gnBkIAXkOunP5UAPXzF-vz6zY2i_HXzgzOIRFmMwS5M6bUJL3wGogeOi1r82xN-gnJU0kx3G-GtjWwBpnlXa1Y99CsCe7ymmTXGWtI34DyXc-HW4SdUXG8LE4Jx0ochOEoZxzj_TJOk44SRiEyJcAh087n7YlScv8ik4FVQ32sqWU-V8C6PbQEJMk5fEfrAsdIAH15S9LdrkfnxSJ1M2mrFLzvNYMjT9EzzdLP04fsxKRpq7FbuBY77E6idVhn4U6mABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0iBcCvjoTX3pRROZ-iFAiPhqwmNA%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: 33DB52586C186380CA9999138E3E21B1
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: BE467BC4A6038D987A7183302AD63C98
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3EE1BCD7E897CEBA0840CED11A4EF5FC
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swgAANhYCO9RAAAdyQ7t2LzkEJ5wwQm8z4g&u=%7C6Sb4jh4xxyFgxZZ2BQ%2F7UF7RjwnoFBj5I0hRsebIDgU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ72leTwqgY6guWqjNQgREAb3nIYp8tsl44QXofZlvf7cZsXaO4_3bD6klSWmjl6LogidWxxow6fs_CMKuzKNsAkFck--u5tvqlvcidS-BQMnxfwg3zik-S8EvBO26Otuki_fVo37GL16pjp9em4TFHU6d51Y4q7EO3H2AFzdTPZGIyoMhymnZ6NNLmifytjvRlrvVm8YK2u9A6LGuFesjZDE9Agd6eFDFkAzc4n341ZDLMifWpVlpVwyyNuxc6fo7jhCu1PkoyJ9ooyVXKjdHfnq88Vv6m70JAvZedJyLzsQRXUdS-Y9aN5UnHHW-yxSxTaCUh3z7ntgG-tcEYLwihyQvGVo8whETnof2tbo05DGY7Rgf14Ktmh2Fwx2qkDA1_mISpUmzQvdzO7ndFkkDJombXf9ZVhw2BvXXw6Tck0IxU3xL_VL12PHhOuYCY7bvWFT8ifqRsgblTV5-DJCfARGGIH8WMCYukz7hh5cCi5Xl_dRPEH7eClBYlejbxIWc42ea2lJglH3Y_1XlD3lHO9kDJ_PPhs9bANqKc0h30a&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7uIwmxdZZZswKjvwQ_D5J3QD8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYxOTEzMzAzMTUwODI2NMgBCakCU24ivAlPsj6oAwHIAwKqBIMCT9CzxQ75Z7hg0_OFli514WDgviBZou1Lk1iJ0i1sC-KhDgj22gAlTKNCulkfGSypEDJOhmgFnpIOA83-UVZ7gW9M-Qe4auM7JtI-TcfmFGZUmG36X8HfzB3Tk_hT6LoBkbD7uTKLj7IWFXlsQhfFqllWRYB2eyY0xGKXN4fAlEetZnlEFRQiKo_NpuQOS20x9FvYchs_399usxCIgl4pECssCya9-Scmh1Ref3whjB7kfvPCwlWVwMAftzXtejuIJSkxsQS407pyhqXImsdsHzCK6dSfnrEHxdFEqWIk4jdawarF--3yjwbn3lbRokfKrXEM_spP-bIniQe6OSqU-Ru_j4AG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-Iw0bvhEtPZ_UHrVdr5SrmV98cw%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: ACF6F36A8019F61FBAA9614BA117E490
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5552B84898A8AEA7205F4198210F9168
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: BD2FD041E375105FB29DA4E377032452
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185784&lmt=1700621506&plat=1%3A16777344%2C2%3A16777344%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506729&bpp=11&bdt=159&idt=242&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&nras=1&correlator=8491574885203&frm=23&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5tocj0h34652&fsb=1&dtd=268
Frame ID: F508B43E039DE4FE7A8F05280FDE2061
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315
Frame ID: 034896E92A69C0F6F7783013CD0839F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 497FD14F78A90E78F9F5BC9A6D817AE4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C556CBF8B065DE3B24312270FB736E73
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swwABMTwIEfw5AAIL-2Frw0imyMwGB5DIvg&u=%7CSyMk6TfZ9uo8oYK5Z9bWpn7QcQJQP10FguEmbWoy9TA%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUanE-_GzvxoKEzH8N192rW-tx5p-M0a32ermgnAGNyi4BkVHBmW1Tmo4SEVCFPdHiissUOtG9fahrAKNuYrPIEnRvi6qmVBp6bY-13nFcwn5H5ab2CjdSa9A8TbKA5c1CqU9Wq_dAabfWL6WtiSezxNU01ZmpGSKSV93fKvBUwO4gjYfHVPptyILm-QWdlwcJfytBTwCaHBqNSzzFIiq6I97GACcJ1IhetFcNq6p5yfTDY2thalkzhkxSSAdkK-g4Vc99eQ5v0MpaLOtOB-BuczsAouTUOJBYCpvDxyn-9PxXeSD0iWLXjmEu9FrH3-skIAkeuL2E4k-lZhrSzJuAJYjznIq9FQJknjiH5uz9sYRPd-EnhUh7zkJ8RByIXI7uyZPEsOGlcy867UJV6x_ngEo-JhnwakVkBP4gwWhF8IWoOI8Cay4zb5capZ8oNRkJy5v_w-39NBQG0QTE7tz4NuPRhi6i2UhiVjkWAdcV5xi6bTjHQXBTDcrB4Oqa-kmUCpzZScO0qItg6E90_i9qCQioX-_xIhkGFCsTi18l99JbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1-Hfw2xdZbziBLn4x_AP-5eIwAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAhjxi0TITrI-qAMByAMCqgSDAk_QrWupukdMsswy9AhDkGiMYENUE2AQZ-l9C0ENWT4E8WEuGDqp5KfefxadJ9x6p8h7z8zMDahU5efDzazvErQE3bFmt4id7C2wElRLg1nN5maaYu4jbXLDsoHzLFlJHNuRE3sUz6pOQ0hGiYn6XKRAPC36w_dPmqEjK4miQ3gnqmGn3NqbjNLNVv_M6LYvhODrlyFGHX4iJ1TN-tPbHcWl85RMibJ7zN-pnbjMSoldm1of-4Sewx19i3DCIey3byyO4VRha6xB-75iaZ-wg7ZbZDm-X8XirVL2CCchAKKfWRFyF8qIdnMbqhxtXbE-eTuOkEgLgBTCkCCWvp2REFNhRAOABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_21Lah4gOUBsvknlenpiEpgqzn16A%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: 7A62E76BAB77AEC3FB8004D25C218B41
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: 367506D32026A3B90FC189C986904F19
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8D54D7716840CBC530098AD72CC2D53
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 0800496E53FF6567D7F8A3A79068DDAE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4144D23D92E8D4AF79550F8ED9576B58
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Xuất hiện video Bà trùm Hoa hậu dì Dung chính thức mệt mỏi với Ý Nhi: "Cái gì không dính tới cái chữ Ý Nhi là ok" - Tin Tức

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

338
Requests

92 %
HTTPS

61 %
IPv6

43
Domains

64
Subdomains

50
IPs

9
Countries

7896 kB
Transfer

17188 kB
Size

28
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ascendoor.com/
Title: Ascendoor

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cver=1&google_push=AXcoOmSE7NWuSlZvxvBJttWD766oD3B4L_sZhUFb7jT_UQDifOn8GX8039CldHB0eJ0Hw8rjpO4Cycc7JaC_SG2Su4b-Wrs7KuaJogz2 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cver=1&google_push=AXcoOmSE7NWuSlZvxvBJttWD766oD3B4L_sZhUFb7jT_UQDifOn8GX8039CldHB0eJ0Hw8rjpO4Cycc7JaC_SG2Su4b-Wrs7KuaJogz2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cver=1&google_push=AXcoOmSE7NWuSlZvxvBJttWD766oD3B4L_sZhUFb7jT_UQDifOn8GX8039CldHB0eJ0Hw8rjpO4Cycc7JaC_SG2Su4b-Wrs7KuaJogz2

Request Chain 84

https://a.tribalfusion.com/i.match?p=b6&u=CAESEN1FC_ZacDFEDfheJ9GUEmU&google_cver=1&google_push=AXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN1FC_ZacDFEDfheJ9GUEmU&google_cver=1&google_push=AXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 86

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJlXKqzDGMZJ42v7kSStl14&google_cver=1&google_push=AXcoOmQCexEdPFXnJzC3UdxtV7oEV937V2DkLF8blOkKfd8wm8gCgiH9cSKrKrT66elh3NdakWy8aShET4TnoZP1nIISSrIpDiy7R9W1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmQCexEdPFXnJzC3UdxtV7oEV937V2DkLF8blOkKfd8wm8gCgiH9cSKrKrT66elh3NdakWy8aShET4TnoZP1nIISSrIpDiy7R9W1

Request Chain 87

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFXBYDp2Ky6_zySVjLBkcDA&google_cver=1&google_push=AXcoOmRs-5_b_1GsuEtpMKmv6eZR1Yr4Hq7p8vYaVw4gDFHBGmoU7vAA2LzVjac6qscQ9mh5LE_blzYjq79EhB3h6tgnoxCtejdEYQXz HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=FA10xhfKSacuAk0TfiFEpw&google_push=AXcoOmRs-5_b_1GsuEtpMKmv6eZR1Yr4Hq7p8vYaVw4gDFHBGmoU7vAA2LzVjac6qscQ9mh5LE_blzYjq79EhB3h6tgnoxCtejdEYQXz

Request Chain 88

https://d5p.de17a.com/cookies/google?google_gid=CAESEFR6Z2rwbBod75PZbyWWVpA&google_cver=1&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gNdSVhFAgw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFR6Z2rwbBod75PZbyWWVpA&google_cver=1&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gNdSVhFAgw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gNdSVhFAgw

Request Chain 120

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPn4weSIQS3Zz8ddQMX0PVE&google_cver=1&google_push=AXcoOmT0SrUCZ_0Pje--FD70Ok7NPb_Dwe5R0JwCS97fLltcBXtQoy4BryIhddNZSfkEdLatnAx-8mTbOuk8tYgR_Du3xL1IWRocmGo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEPn4weSIQS3Zz8ddQMX0PVE&google_cver=1&google_push=AXcoOmT0SrUCZ_0Pje--FD70Ok7NPb_Dwe5R0JwCS97fLltcBXtQoy4BryIhddNZSfkEdLatnAx-8mTbOuk8tYgR_Du3xL1IWRocmGo

Request Chain 121

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAFBREyXBnMFXAjMB1QJJu0&google_cver=1&google_push=AXcoOmRHbw29BzaUSiraD1mFSwQhApFL-5iyPFdI16tVj19sGQoNzT92-50s0k8tUEcct1jw35bi1uI3vfFZnEzux6EJ_HKu_Ic-kA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRHbw29BzaUSiraD1mFSwQhApFL-5iyPFdI16tVj19sGQoNzT92-50s0k8tUEcct1jw35bi1uI3vfFZnEzux6EJ_HKu_Ic-kA&google_hm=tlJDXbO0TqyNKiOBkmsWdEs

Request Chain 123

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHG-NxmsVJHvzsfjUwNmbRQ&google_cver=1&google_push=AXcoOmS1U-Wo_X1QDlh0drR4qi7erH5IiK3nll7JX2xEi5uUHuTU_5IQRP09Rcc-vVBJFffl5Xm7vYioqADO5XPEManiwzGpYBEnKEo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1U-Wo_X1QDlh0drR4qi7erH5IiK3nll7JX2xEi5uUHuTU_5IQRP09Rcc-vVBJFffl5Xm7vYioqADO5XPEManiwzGpYBEnKEo&google_hm=eS1xX0d5d0I1RTJwRThiU3hRMl84NUN1eEptcGxGS0NfTn5B

Request Chain 124

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ3b3cOCv6TCFdEVNb0URRg&google_cver=1&google_push=AXcoOmT0i2nR6GiHJn732TUJLt5-3lgn86tAk2rubMwtyV-RIqwF3dZIWKJx8AnpniZ3NiVckn6UoDyNETa24O0gfPCRpqGhJeWl69o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0i2nR6GiHJn732TUJLt5-3lgn86tAk2rubMwtyV-RIqwF3dZIWKJx8AnpniZ3NiVckn6UoDyNETa24O0gfPCRpqGhJeWl69o

Request Chain 218

https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405947528c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CJSeoebM1oIDFRsVVQgdqS8ASg;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405947528c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1

Request Chain 224

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDGpJHs-WQNKERRbOqQbm5E&google_cver=1&google_push=AXcoOmRa5GygjQvhEk4-uJX1XC-T97azAPdFPv0COQwvpQFL-oPOKJ-iK1rN0jNQBxyMkCBf5z4mu3_c3J3Wlt5aotYMw8gseKQdnXA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRa5GygjQvhEk4-uJX1XC-T97azAPdFPv0COQwvpQFL-oPOKJ-iK1rN0jNQBxyMkCBf5z4mu3_c3J3Wlt5aotYMw8gseKQdnXA&google_hm=BelqEaaKzc9zpbxl49j70A

Request Chain 227

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74ujO1UsV_gJLxnwiRLvDlasHGg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74ujO1UsV_gJLxnwiRLvDlasHGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYyNjM0Mjc4MjgzOTQwOQ&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74ujO1UsV_gJLxnwiRLvDlasHGg

Request Chain 242

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDGpJHs-WQNKERRbOqQbm5E&google_cver=1&google_push=AXcoOmQf5OL41kMyEmnusOP1pKpiPmTM5bqeCpIKrOBavlZ1P0e6QrEr8UWqo5RyDTbdpwG_ejVuo_Q5ocMIvPlkQ8T2qpsR1XF4 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQf5OL41kMyEmnusOP1pKpiPmTM5bqeCpIKrOBavlZ1P0e6QrEr8UWqo5RyDTbdpwG_ejVuo_Q5ocMIvPlkQ8T2qpsR1XF4&google_hm=BelqEaaKzc9zpbxl49j70A

Request Chain 245

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmRRzQ1f7bBqRynrFaIcse5BWRtgVUiPDgiJohCE5MYfGvGgIBdDw6ehlHHXtASACOInazxPWP9S9DRuqMXsk7hRIngkowpPHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmRRzQ1f7bBqRynrFaIcse5BWRtgVUiPDgiJohCE5MYfGvGgIBdDw6ehlHHXtASACOInazxPWP9S9DRuqMXsk7hRIngkowpPHw

Request Chain 301

https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b47972cc853b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CN6F3-bM1oIDFQ_OEQgd8hwG3A;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b47972cc853b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1

Request Chain 308

https://um.simpli.fi/gp_match?google_gid=CAESEC7IzO8Ks-TF3AmwPSRut8I&google_cver=1&google_push=AXcoOmTEGkf_m8yf8TAp4fijX-qj8Ixewb2UcBBBR5f2hg3RARnVYnsWCEW8pGLitqfUzKaWdxhb6hQe5WLIB0i-xINDXl65mEVN4xlZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=51D40E7B7F23407B862065D55B70C32F&google_push=AXcoOmTEGkf_m8yf8TAp4fijX-qj8Ixewb2UcBBBR5f2hg3RARnVYnsWCEW8pGLitqfUzKaWdxhb6hQe5WLIB0i-xINDXl65mEVN4xlZ

Request Chain 309

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPq4lQ62tZ_RRHWGC39XPv4&google_cver=1&google_push=AXcoOmRgVufl6F56jzyhA2KciThuRNlccp549PQNsel8R5uc1UJzOAKDrxyxpFbGoxVEXL-TGj69ZFgfX0Y9ZAal7T8W_oyZY3b8QIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmRgVufl6F56jzyhA2KciThuRNlccp549PQNsel8R5uc1UJzOAKDrxyxpFbGoxVEXL-TGj69ZFgfX0Y9ZAal7T8W_oyZY3b8QIw

Request Chain 312

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmSf01QN8C-uoECJABJiTStU3SvNYBArMokVxTlsCNFTJ8-yrnilE_bSnWCDryWaE5aFbHZPz3hSMRC7TceJh6EjS_hSRqWkBV1m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmSf01QN8C-uoECJABJiTStU3SvNYBArMokVxTlsCNFTJ8-yrnilE_bSnWCDryWaE5aFbHZPz3hSMRC7TceJh6EjS_hSRqWkBV1m

338 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tin8.tinxahoivn.com/xuat-hien-video-ba-trum/ 133 KB
43 KB 5553ms
5505ms Document
text/html 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ac425514fee3ae22901b49f4e5f640b325c647d6ebd4426558566deaea0e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 829ddf1b5a881983-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 02:51:41 GMT
link: <https://tin8.tinxahoivn.com/wp-json/>; rel="https://api.w.org/" <https://tin8.tinxahoivn.com/wp-json/wp/v2/posts/5742>; rel="alternate"; type="application/json" <https://tin8.tinxahoivn.com/?p=5742>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F0PyHi3QDEf0oibkpCfjjRmTJdLYuLtMEtobH2tpLtVSAdipTWMxIZwjKwNhw16lUXxy%2FQmC8fdserj8nvVe8A0StHzf8gcOWiCp8BblSYJT3T1zws2jTOP74aoh7MqjhEXc4VHoNV%2FljLxfwm%2BiozM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 style.min.css
tin8.tinxahoivn.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 65ms
62ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:47:37 GMT
server: cloudflare
etag: W/"654bd7c9-1add3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6knNLCh5FvfUjDQfWO4KfqFNd7Ipy3KiKVE3PrJ9Uz2ki1EgYM%2FJ7MvAOr2Y0In0rcceqK%2F8L2DdwxgBsyhY%2BqB9%2FR5tPQ7sbTLtBn3uqYRuIMJ%2Ftco%2FaC9idcWXpwqwdzI8%2FSmBQQ7h6eCgMJAfo9tI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd351983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.css
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/ 1 KB
771 B 56ms
54ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/slick.min.css?ver=1.8.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-52f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWnjp1tDtF12GupVT%2BvZpN9SsM8etxedTz8CzthfpBilHA%2BhvPccNSn0tV%2FiGp6ZrjWWD2sSyg4D%2B%2B%2FUrA%2FsqyzgErPMmmabOrMT5ukzWQ2iCVKB8KjFngw%2BkPofKVunQmVgh5q6YbBoqMhvtwYH%2BAbt"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd361983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome.min.css
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/ 82 KB
19 KB 67ms
64ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/fontawesome.min.css?ver=6.4.2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d50f3f2c0011179b49ea047bef6aaea317ab534e723b55d06a46087085736e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-14786"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2XE%2FU%2BquvygXujg1w6%2FYj12opvfbonGhhbO5wsX3CBCZKDqh2bu2cduvzaUgCqNHFA1afALlZHly6MhVQrnofNMhJ0EM9dQk6NzwlR5QHcG4TYfTH%2BZL%2FmlkcITbgQulqsnZzveyI5oVGD3d1WPR2hN"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd381983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8e3d24832633e494fb7e5b0744e8e1b3.css
tin8.tinxahoivn.com/wp-content/fonts/ 45 KB
2 KB 56ms
55ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27172df09a4481d0b9b8704f1d4142aa432bee9c46a22097e0e45a744d1aa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: W/"65597dfd-b563"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJiqz9YxbE9uiF%2Bv0iz7fvo2CiDL1%2BF6V3fjyAGz2fcCEhO2wRSfp0iPnqaVpNRKv55uA55MxuSk6Gz3U2IPivEZRrYM1WCxlpHduEod410%2FuQwcPHl6NrGpd7QxLwXmx%2BGg8WzVdy9%2B1kSStl7SkbRk"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd391983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/ 153 KB
23 KB 71ms
69ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/style.css?ver=1.0.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2899d216addc665197190e5055529b141c96a1b28ae02938a286fc0db35251e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-262ae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diauSyZBU%2BG8gR6G00ECrXDA75OaLvDTBXfCNm55TQsPG4sc2gKUgE8BD6M24MOMgaqf3PtCbvM04Gd9bljMv7kB85aPP%2Bw8fIdjcs2sLj%2FfvllWJA8GG%2ByhI7GrE6z0j2lUI8ZdeYWns0mlbWbaNIk9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd3a1983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/jquery/ 86 KB
31 KB 72ms
70ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:47:37 GMT
server: cloudflare
etag: W/"654bd7c9-15601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8rAX5cVRb8ywqhoXuuaR3Jje6mEzJH8u%2BAMPYHzGqwpLaR%2FwNgC2uMimgslSgISrEjtNL3JW4H2P%2BJHF282u4O%2FVgQhgx85v%2B0QLRfv0TRJIEWgZSWWIOCQj%2FvC02X1UM%2BwAB0%2BjTwOe%2FkYUyC2m633"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd3b1983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/jquery/ 13 KB
5 KB 18ms
17ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36788
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 05:41:53 GMT
server: cloudflare
etag: W/"64d32721-3509"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZORNRjWQg%2F5NrcLKzNl9a2r5BGhoZ7Yqf9Pm7M6t68bgC2eFtWRUfDk47z%2F1%2BC5XZMkkxf%2BFAwIq7v1jEOSZ67YbuI2oV2S789CMdL2bj53CyBFVLcOZIVJUBe9pWSwb9oSZ7Vf6Xwrct0RYTlamtQE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3dcd3c1983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

014a797d310432535ec5ff99aa138a98d5ba0113028154406085e5bb8dcd5f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52725
x-xss-protection: 0
server: cafe
etag: 12946116625175593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 56ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SHGKFYC5EF

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

991fd4a4d81847aba58c0795a43492dbe1e67d336a843553d9af5c12471055ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 02:51:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 47ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-128MY772SD

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9630f3cef2868c644e403f51bf092dd7ed88af5ecc372562dfb638e037dac81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 02:51:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 64ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KQLGDK28W5

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f50a8430f181ee644e80604682ecbd5a8684ed9e0dfa455c95bbbded61f58c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 02:51:41 GMT

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 642ms
198ms Script
text/javascript 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: e1b7562b902a3027eafd0d0200b9769ae0acc4a7c9bd6d7bbdd26efa7aa737e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
accept-ranges: bytes
etag: "00e28db1bda333a273b4259e63fa3752b"
content-length: 37154
content-type: text/javascript

GET
H2 200 1-62-300x300.jpg
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 19 KB
20 KB 69ms
68ms Image
image/jpeg 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/1-62-300x300.jpg

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43dbe17308f0ee0d632562d9b45ba47e42f6ac2e228990de3934deca99c7e547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19751
last-modified: Wed, 02 Aug 2023 03:52:55 GMT
server: cloudflare
etag: "64c9d317-4d27"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HARdMVF3Yj8%2FJiL5JEYQ97Zsg6Pi6HahbYt2fu%2F4FPu6CKfDpDoQkATZK1HB7BDYKyKykYyE9i22yy66Oc74vlBF8Z37AaxUpGUFqUmVmy859LShDor5p8ut7uFZkOXzjpWQIroCgV%2B0qfVVnqmink0Q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3dcd3d1983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-61.jpg
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 154 KB
155 KB 85ms
84ms Image
image/jpeg 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/1-61.jpg

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea4af374c2573e661d0cefccaf91a5798dcfefd528ff072960cfe9e7ad7610f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 158057
last-modified: Wed, 02 Aug 2023 03:52:18 GMT
server: cloudflare
etag: "64c9d2f2-26969"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFFVgOiH7hdgwMZStkw2j%2FuwWfX13CHvFvhjOIUtIouUsg1XSR81KATIb8ycO2SbTHpbbfA8vM2PW1xT13irMgocee2v1UHG9vW46PkNbvdCQKBML3MsZ1MBKFSMLwQ%2F%2B4CwiMfJb7xgY9CvhqHc5Hg4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3dcd3e1983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-62.jpg
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 150 KB
150 KB 81ms
80ms Image
image/jpeg 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/1-62.jpg

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf9f0181200ce23cd6f1c67e85511922ceb56bb30631bd6623450d9a7909566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 153200
last-modified: Wed, 02 Aug 2023 03:52:55 GMT
server: cloudflare
etag: "64c9d317-25670"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfh0D0hEnzergPX7wjuGXtG2BEw%2BKDx9HbmxwxD4sLg6MxqakK4Sd3cfXD8UDlvuC3hVmMW7I3BuIoLYoXJVUN5Q0eMaiWShTSc93W%2Fs7UYDPMHG4i8Wo%2FD7J4JrJTri02%2FYk%2F6okr0N7ei3zfaVyMjU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3dcd401983-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 congdong24.com.1477392.js Show response
jsc.mgid.com/c/o/ 4 KB
2 KB 532ms
494ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/c/o/congdong24.com.1477392.js

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6cc96ee36df1dd833315cd406eff3c02ec03c330808824a60d69b5b90cfb4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
x-amz-version-id: Smsg3YsFfPGmKpFbGvTUqSLHB5J1ryps
content-encoding: br
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YK2QYHA7156VPNK3
cf-polished: origSize=3929
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Sy0sC4uh9rP8hLzxibiQHgHAP1NZCLF54mLqR/giIgkyssCeYaRVj8hCZ7mVVxbmEIgYdYPb+CxaaH1h27x/h5aYIq0e20ofFXKOjuTA+VU=
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 14:53:01 GMT
server: cloudflare
etag: W/"b639be8a04c4808b28a94e70e9cca847"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 829ddf3ea9f765bd-FRA
expires: Wed, 22 Nov 2023 05:51:41 GMT

GET
H3 200 mediaelementplayer-legacy.min.css
tin8.tinxahoivn.com/wp-includes/js/mediaelement/ 11 KB
3 KB 55ms
54ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-2bf8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3FehFZYO4PN8p9lBXIkt0IcqDjDTTuxaBMOpj%2FXR3LzaItPhqWg704i%2Flb%2FJ3wLFeC%2FdYUTMbNp4erMj%2B8gmp8hwGpd%2B8IQ%2FXhneK4oxaFh0WYsbnU6J3ry5Wq%2B1bEcZBnVlvQettggtJhsilMW7knF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6f9e0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-mediaelement.min.css
tin8.tinxahoivn.com/wp-includes/js/mediaelement/ 4 KB
2 KB 57ms
54ms Stylesheet
text/css 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-105a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEbd3gd5fvVdmoz49XW4ldSoQZ1B9Qk2sccUIsZVk7QiSywS%2FtN2LxWCJ9DiWwaVySFizMRYyrV3euTY1wspKrm2mmp0dHEt6CyL6x6Y41xbhIuAGv0Sot6lSX2YXKSrnKrWoD%2FwNRcnP6kD%2FiRwC14B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fa80bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navigation.min.js Show response
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/ 1 KB
1 KB 58ms
55ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/navigation.min.js?ver=1.0.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7e9705573e01d301efe30f1dc3c4a488da6e7f65f23940e80bb819f029bfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-5c6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YXhiAlRas1aZdgJdSYg5TEN%2B1OXYFRARXb3COXk6S%2BceMmk4a1XR7CEh1JY9eNZqAt%2FdovW0IxIm8Z7XD5rN4nDJ94qZlo6MT4l3IXnMMqtydDIGoHpnb18ypRJKZyify60wkv1ppQE%2BJa%2BhjkZWXEW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fae0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 slick.min.js Show response
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/ 42 KB
11 KB 80ms
77ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/slick.min.js?ver=1.8.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-a88a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD1egS4BJ8RoFlfoSUES44uyjndoGtmy4Lh%2F2guosAQjRMZpVaoTnsPDYvkEhUE8ryBojywc5mlC5SahNWfAMk24sI8TCeeocso%2B4M%2FTOPhKtaDzpHJA0x2J%2FNVRykGkzsvGYpSNzKtdjiJh8oxJeYdv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fb30bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.marquee.min.js Show response
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/ 9 KB
3 KB 53ms
50ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/jquery.marquee.min.js?ver=1.6.0

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-2345"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE3osW0UIV7fmlxg4sZBogehHvlXzuYtan%2B22SBtGAdipMrEfa46UNbQqAtOFk7nIMVm7RkhBcfciJ73s%2FOPtCFkrunUgcOKUeQSbE8ZHP1lVNxd1R8eVkWlAe7iWmD%2Bww8w3EU2zvi6hYqAoY05ZAD7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fb60bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 custom.min.js Show response
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/ 4 KB
2 KB 53ms
50ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/js/custom.min.js?ver=1.0.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1d92866be59f30d87af03ca650208889f844a6059f435f796eb5fcb9bf766d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: W/"65597bf2-ff7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbKFDNo2Or8%2BLtOTfGtmw3HeUpuCov2eu7wy0o%2FozxCyItARP8Fif9t6J13EqF5dcEefd%2BebkxeR%2FD5z7tMThDzQIIxXxuHi%2F5FHdxCjK8LdwprZlVjQiRN1J6vRPk8EKn7%2BbrK82B8Q27P6DSY6F0f%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fb70bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/mediaelement/ 154 KB
38 KB 83ms
80ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-26935"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKpgHX%2BCtSh6%2B%2BTDI0IUS5qUKnFxR8k5jcbevz9CWubgK9HWhMBL6Z%2FnIkfwapxkf%2BaDh15tv3irRgkAe2xS%2FL3fPxMN67NWb%2BRVCf1BQdQN9HvSXM6nATG1RptbdHAwN0J0RkdQTDK9MmdLX0oZkpey"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fb80bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mediaelement-migrate.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/mediaelement/ 1 KB
1 KB 96ms
94ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.4.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-4a7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhMXWX9D2nBXjlmCjaIvcHc9DSGLXSy5%2FKDfYZ0lz3cu4%2BHDnSmmuhKroeY30FMz0GEeZB8Sn6p4irWT5lnyt%2FfjbJHmPf6AYP5vNMfWNeo%2FqCJXFtOMWI2jJAlmC%2Fpq5mG2nSXTvmsBgg0YFakhNVOs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fb90bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-mediaelement.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/mediaelement/ 1 KB
1 KB 50ms
48ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.4.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-453"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhVr3iiZNxswM4E3oLkHI%2BcdFlADfpRDtRvkk0NRambrp0pzpDyH%2F1gYvtcf5mMFl%2B0DtNBXFOyRKnAsmsAlL0myVpzJ2vyFo7%2FohqbOb%2BqmM321BSiGpktLJ8odHNz2M26kbyro6Ojx5UB8oC%2FnTG25"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fba0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 vimeo.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/mediaelement/renderers/ 6 KB
3 KB 68ms
65ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-1940"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NiLhQT84Yi4AfSI4gyQTesPvhAABQ3isLwqCknhCwfznnSZu83lAHhB1zz6z5yu1%2FEw8ebWJ9siqq%2Bbrg5pybs7uQ2g80ykE%2BUwrenL9idsPSJQDePE%2FhOxG8LJ6PpwcE3JWENYPh1MlOtL4DFkYCwz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf3e6fbb0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 419d627c-9481-4413-898f-ca9dbec1cb4d
https://tin8.tinxahoivn.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tin8.tinxahoivn.com/419d627c-9481-4413-898f-ca9dbec1cb4d
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
tin8.tinxahoivn.com/wp-content/fonts/poppins/ 8 KB
8 KB 79ms
78ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7884
last-modified: Sun, 19 Nov 2023 03:16:04 GMT
server: cloudflare
etag: "65597df4-1ecc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esnnt8BL%2FHTaeAN%2BUbyaJ8%2BVZ21gDECIhN2Yc8r55T2s06AC5v0ooGNPMWM%2F%2BOBXjKnh0jetf%2Bs6YGCFuqT%2BGyDYUl1L2pysnKfEjsD517Pa1CbWuQbwiHsZ45kOXaIYCgQRcu4ZcNb%2Bmv1a8eEw71Ui"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e8fbd0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 15 KB
16 KB 80ms
78ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15860
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: "65597dfd-3df4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJkZ4hDSP4r2zeB5R5lEc8riSe2ZXOpLs1iUypvWP%2FV%2BuOsy8k8hzMEJO40ponZSCkKKUMg5z17N7x1dtGPtwSQwxtysqCaAA9bEQ6PS%2Fk%2Fe8wAAaFncb7uKvfKgg%2B4bQ%2FtW0ECB4r0suqeABgu4bZKJ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e8fbe0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-solid-900.woff2
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/webfonts/ 147 KB
147 KB 91ms
90ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/webfonts/fa-solid-900.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/fontawesome.min.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/fontawesome.min.css?ver=6.4.2
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: "65597bf2-24a04"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ1rFFPUqg3T9dApu0UpHfISfkqeMdg7NbUzOPUNHuK%2B7rzxEDC%2B2nCk1Ck4F2EYZ%2FhVfnj4FYzKSBFiMR1%2F3gXRF25GXpTLSx9oeueuTESApiSnP2P7g9yaXbgQ9OYVdgEICeovBvV%2BhSf14rJtQc%2BV"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e8fbf0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
tin8.tinxahoivn.com/wp-content/fonts/poppins/ 8 KB
8 KB 56ms
55ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8000
last-modified: Sun, 19 Nov 2023 03:16:05 GMT
server: cloudflare
etag: "65597df5-1f40"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5if11r9Lg6KpF3zGmnbIVwFziOi0g%2Fkpd%2B%2F0PYPNQXA%2BOsUNCO9JcW83Bvv0glYpP6VWTERK6UDjoPWdYK2i%2Blq9iJSNy9QTJue7fw%2FicYYmlujZN4g39kejOTqqsJ9YTNF3kmEhWZBf3p3hEuLKoyF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e8fc00bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-regular-400.woff2
tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/webfonts/ 24 KB
24 KB 112ms
111ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/webfonts/fa-regular-400.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/fontawesome.min.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/themes/ascendoor-news/assets/css/fontawesome.min.css?ver=6.4.2
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 24488
last-modified: Sun, 19 Nov 2023 03:07:30 GMT
server: cloudflare
etag: "65597bf2-5fa8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia7tpr%2BRHm5uVcKhRXZz6toIlpnyTp%2BVNDwCZq7hrM%2F5oOYxEF03LjD0QVpvmcf%2FoNuPZ98TmJar73yjUob7CQqhTxBdRfb%2Ftb7Mev%2BresDaezTVwxzsJcnV8TlCORAHs5V6kS%2FrYMME9uGXQKwoJt%2BL"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e8fc10bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 15 KB
16 KB 114ms
113ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15752
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: "65597dfd-3d88"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ%2FY7ndwafinlz7Fls%2F1sBTgjKo%2BzHslXpGlnd1Ih27apAspiX%2B1JR3WB4Ss3Gyd2vW0Uz6J%2BshpAiPhggLtdIgyLi2udOdQn%2BAVwopzxV3R3QOtnrrRDyXNCye9DSwInei189bvnphv83v5lxapzD%2F6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e8fc20bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 5 KB
6 KB 107ms
107ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5548
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: "65597dfd-15ac"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJkIw8%2Fim8Tb4w8VweDFlRIKboA9NIszOZyn3yAVWuW96P2HF6AR2aAoNMjlU64tE%2BFmcVRnCitn6JQRusDF7ggTa2qmkNudaa8VpPJfKD8aYkRmKgF01Y46mBS8DP6f7blLi4%2BGzJkP6jSj%2FB0IMh7m"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e9fc30bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
tin8.tinxahoivn.com/wp-content/fonts/poppins/ 8 KB
8 KB 108ms
107ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7816
last-modified: Sun, 19 Nov 2023 03:16:05 GMT
server: cloudflare
etag: "65597df5-1e88"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOG0kHi72kCsKYJbYs3p%2FFRYxaHiUIoXY0iPHELFkzlTOEFVrvGz00Zoz43ZnnfjimDr8O%2FyjdYu0l%2Fo7nmyed5tcAgr%2B85%2FV4ntSr9Q0vuifRV9tF5KzZ00AZZdk5TgHQbwJf%2FDP60t734npNq5VAiN"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e9fc40bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
tin8.tinxahoivn.com/wp-content/fonts/poppins/ 5 KB
6 KB 102ms
102ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5512
last-modified: Sun, 19 Nov 2023 03:16:05 GMT
server: cloudflare
etag: "65597df5-1588"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHdsqYieDeg9YEWEB9FPWxGnjPH%2FizzDTnUj2z3Jj2o%2FF18LC2v7%2BftGXaTsqTRKo%2FDgRK0VWgMRPE1jFudKeL4bgah%2F3TtQhPVYUs4myLJm3gtVYSWOh2vDsx%2F%2B5Y0UM5PcQTM7znavUNRWPf5Bqv1x"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3e9fc70bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 11 KB
12 KB 93ms
93ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11756
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: "65597dfd-2dec"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnaapLrEV%2FdEqCPLyCOeMTeWpG8xgoIxuHYKiP41lTNjsJSnlHCrFRbUkvAOV0Pz1DoLxAyDTKYwU5ZxA2qYsIhTIozlnXpeEfisps0W5VQyxKk8ad8DZ7m4An0BmOLWVbOq2pGrxsLvecVvcflbJQ4u"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3eafdb0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 5 KB
6 KB 96ms
96ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a38c967413f7bce36d3baefc321aade81edf369e6a99dc32d911550148f636f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5468
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: "65597dfd-155c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Jw%2BOlma97%2FNRNP9untJwsr4cJJzZHlU14gB9Sj0bVu0vtcNwZ15W3wM2rvNfltJY8vjIZgRAJG64lo2dYSBywTu3Wj2rOSLPJ5Y9n6B2zapGUh%2B7GQ3qbv0MqEu6kjMVBSm6bbdjIPvrikm9nrO2Y5O"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3eafdf0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
tin8.tinxahoivn.com/wp-content/fonts/poppins/ 5 KB
6 KB 96ms
95ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5544
last-modified: Sun, 19 Nov 2023 03:16:04 GMT
server: cloudflare
etag: "65597df4-15a8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5GaC1gmP1mx37hpsz9SVFGFqE2qTSDEp7Nj0EUBBtyHbvu8AEftvJgj8WILmq1eWA%2F9baaLdh5kVpCuk2LiKLmvB%2BbduNaQl7lXEyNbzT861e7PID4QYiK6RMpJvXCIYfPNaw0LJqXeMczsgej5hPL9"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3eafe20bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 12 KB
12 KB 87ms
81ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11824
last-modified: Sun, 19 Nov 2023 03:16:13 GMT
server: cloudflare
etag: "65597dfd-2e30"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLWPtoXeG8clIKuTD6C6q1tSMCAShs%2BorvdItxM%2FmheP3jqNQY0Ggt%2BHJQmmLFPzSYJBkFTdzyySOSue9b%2B7NaK2cY%2FQpFJWask6ERxKtZ1N3DMtfCsu9RbCGlJdE%2FBT9KatIAR912pamxXG1XV1Ufwb"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3ec80e0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1-63.jpg
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 13 KB
13 KB 80ms
80ms Image
image/jpeg 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/1-63.jpg

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b6e5d2b8f6eb82db5d2fb74d08dc7f21b87eebc07c81c8ef86fb3baab1c0c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13252
last-modified: Wed, 02 Aug 2023 03:53:15 GMT
server: cloudflare
etag: "64c9d32b-33c4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YMFJ4FAXMvB9ZMJV4ceORNTQD%2BYZEEASOuVzrovG4w99bpF3VamrGmgqRGp5RiGAz%2FCOyj%2BVIBrqcSPBXBABr81KT20FsQ4fgo%2FSLexhTpSFY4ljPtQbQq9LoNir91PrluM4p7758sZAQUBumgqeeke"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3ec8100bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 206 Binh-luan-1-1.mp4
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 1 MB
0 68ms
65ms Media
video/mp4 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/Binh-luan-1-1.mp4?_=1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-1091343/1091344
alt-svc: h3=":443"; ma=86400
Content-Length: 1091344
last-modified: Wed, 02 Aug 2023 03:47:56 GMT
server: cloudflare
etag: "64c9d1ec-10a710"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvMXOEUgJ5bIexCvN%2Fp1Nn4vcyaYXT3ABHWCII483WxOAIC5UfR6jknAEGpN7V8Qkn0o%2FSjCdv267tNVd%2F7GbmKfQlEuf4RF2JO3KkH8dtfdqqfRSbljoXMfRHgUZpoS%2BeOY16ToPw3DTf2y%2FMG%2BVA5F"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
cf-ray: 829ddf3ee8150bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
tin8.tinxahoivn.com/wp-content/fonts/roboto/ 15 KB
16 KB 98ms
96ms Font
font/woff2 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/wp-content/fonts/8e3d24832633e494fb7e5b0744e8e1b3.css
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15744
last-modified: Sun, 19 Nov 2023 03:16:11 GMT
server: cloudflare
etag: "65597dfb-3d80"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rujX2u6jRvQKyp3LtrmcDy%2BfMqU12kSvp8xGaGRyOhHfKwoLYrb%2FZKg8Z1juC%2FaI8fNZL%2B65ZpVcC5%2BWWlxelUzYsurH2xIDbkDH02Qxl4WiVUYap0UYa5Tb8YtwopZcvJdPoqQFNOazMs%2FGvYhj2oZe"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 829ddf3f081d0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SHGKFYC5EF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-128MY772SD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a5d29a5a393dd7537c839a0ba0090aa7ba21cef29293ab6c647e36c98065644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 02:51:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 45ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-128MY772SD&gtm=45je3b81v9133456930&_p=1700621501178&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730419367.1700621501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700621501&sct=1&seg=0&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5907
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-128MY772SD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tin8.tinxahoivn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KQLGDK28W5&gtm=45je3b81v9122616857&_p=1700621501178&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730419367.1700621501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700621501&sct=1&seg=0&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5950
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KQLGDK28W5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tin8.tinxahoivn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 64ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f46b013e7151fecfe7d1112aaccdbcbc4941e61b0aee8606dba1b2d8883d565f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138527
x-xss-protection: 0
server: cafe
etag: 719293050344480893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:41 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 41E5 9 KB
4 KB 37ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:36:57 GMT
etag: 13268084621564590274
expires: Tue, 05 Dec 2023 09:36:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
tin8.tinxahoivn.com/wp-includes/js/ 18 KB
5 KB 53ms
52ms Script
application/javascript 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzHMqJP6cluOqFBWHG5UGXRphcdnBMSJa9KpQ4a4ZSJ5HEWK8R9DjuaSYjJkcxXV61pVMIiJAO9tqhHKziICPnilN0PK84dQQURZ%2Bw%2Bw3yG1AaMNvteik8n87umEzcRV9bMn3UVu7RRGJHiGD6y8SKuq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf40988a0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SHGKFYC5EF&gtm=45je3b81v9133167590&_p=1700621501178&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730419367.1700621501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700621501&sct=1&seg=0&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6059
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGKFYC5EF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tin8.tinxahoivn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mejs-controls.svg
tin8.tinxahoivn.com/wp-includes/js/mediaelement/ 4 KB
2 KB 59ms
58ms Image
image/svg+xml 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/mejs-controls.svg

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 06:49:52 GMT
server: cloudflare
etag: W/"64881190-11f6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUs7q4a0SC4S%2B%2BsXYdeBZclZl%2BrY06PDXVKjTRzj%2Bg%2F%2BqdXhq1P09fy9SlHMHOQG3%2BIdnbjYqEd9qO7iPQm8iRSuEk038QMW6YvaIvYufHMiwD4Z2D4c9zrjzkowG0%2Bf18k7htEKgpS%2Be64DIJ9Ebf71"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 829ddf40f8a80bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 206 Binh-luan-1-1.mp4
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 1011 KB
0 28ms
27ms Media
video/mp4 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/Binh-luan-1-1.mp4?_=1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
Content-Range: bytes 0-1091343/1091344
alt-svc: h3=":443"; ma=86400
Content-Length: 1091344
last-modified: Wed, 02 Aug 2023 03:47:56 GMT
server: cloudflare
etag: "64c9d1ec-10a710"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DewtKyZFdwDLj1uG%2Fd86YgVB8sURk4wuxNGpqEqM7TR2bBV7W9IVJ8rRdW2hMXOAz9JJsi7xxQZ8YyvksAE4RhQTABdXoYt07XpqlfDKLMcKGHGBVEA9yRP%2FJ4uOhK4Iro7AISf5WnmknQiBfzT0J3nT"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
cf-ray: 829ddf4128ac0bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5171 10 KB
5 KB 174ms
172ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1700621501&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621501487&bpp=4&bdt=410&idt=163&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8491574885203&frm=20&pv=2&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=908218760&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=190

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4035a43c6984acac6e1d7bce62d2390c8fc0ca4843e64278d2e5878c0856a4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:41 GMT
expires: Wed, 22 Nov 2023 02:51:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 Binh-luan-1-1.mp4
tin8.tinxahoivn.com/wp-content/uploads/2023/08/ 42 KB
42 KB 22ms
21ms Media
video/mp4 2606:4700:3031::ac43:88e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tin8.tinxahoivn.com/wp-content/uploads/2023/08/Binh-luan-1-1.mp4?_=1

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:88e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94df8d78c3297051e5d5dfa138dc1519dca9975b9ba5d7cf47f5023bf378f26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=1048576-

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
Content-Range: bytes 1048576-1091343/1091344
alt-svc: h3=":443"; ma=86400
Content-Length: 42768
last-modified: Wed, 02 Aug 2023 03:47:56 GMT
server: cloudflare
etag: "64c9d1ec-10a710"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPWtb4lAEmkfKmmbtVFiNAa2B3mGMSERSHn2MMRMjZ3MhSxzuYpEyWO21R%2Bt3iZniBS8npvYN7hHZmvhMqlQDJO5tp7T3DiYNd6zcqXCa%2BtxuB1OFioaTawP26gC5IU68o%2FnAFZFh5yDFZmxal996sza"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
cf-ray: 829ddf41a8c50bfd-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 congdong24.com.1477392.es6.js Show response
jsc.mgid.com/c/o/ 320 KB
97 KB 483ms
482ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/c/o/congdong24.com.1477392.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/o/congdong24.com.1477392.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a4d48176ed66983aee1e9b874d852f7225c37f4d23041439c6ffada36f3d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
x-amz-version-id: U.JlNMexIuXBrhVPRmt9MUaobwhlWRqW
content-encoding: br
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A34EW59TVCYQRZVW
cf-polished: origSize=327623
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: d46HOhvT/bGuwJl8DvvBO8JhDKOI2A6gaQnctAu97VE/IUSA7Ne2nPXzgejecZ4s0zbos3u12D0=
cf-bgj: minify
last-modified: Wed, 15 Nov 2023 11:41:54 GMT
server: cloudflare
etag: W/"46ca0b41a1958514ab7a2810a85da2ae"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 829ddf41bb7165bd-FRA
expires: Wed, 22 Nov 2023 05:51:42 GMT

POST
H/1.1 200 zqAK7Jjkv8kMM96avz5WgtlZbwtvlrmjr6hGZ-rQPIKGQvoh_iJnXCLUZLwq-oOAYdTg4HN-piSGBnWGVg9T_EjtnAK4gBmy4dFJKATE9LX8eR2x-GQF-utsbgST-P8fbBECJ04_dvCo0BnbE4TnGfPGtC1AZ9RkQqnl0OSJb-g3lzrgl4JSnj_oUuzhPa_FqdlGc... Show response
aj1559.online/ 1 KB
2 KB 104ms
103ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zqAK7Jjkv8kMM96avz5WgtlZbwtvlrmjr6hGZ-rQPIKGQvoh_iJnXCLUZLwq-oOAYdTg4HN-piSGBnWGVg9T_EjtnAK4gBmy4dFJKATE9LX8eR2x-GQF-utsbgST-P8fbBECJ04_dvCo0BnbE4TnGfPGtC1AZ9RkQqnl0OSJb-g3lzrgl4JSnj_oUuzhPa_FqdlGcm_4VN7lmQ9SW1l4XwEudnyk_hNnhpcqA7hrWtKZiaBLAdNBuUozxWd73KHmE-Ahd3zWaEI9jyHv0uN-E9HEUOvfD7YQb4Uz45zDMUSg-Z5BOnp4OqbUBI8q-Jae9hqpkNeiwy_ujlRD5U_YsEwu1Anh4ZsA0tVvAo919Vt8Hx4Y76VPYwYSLtPvptJWu2pbaFJeWJirp_nW91Gn8uQ9QH_E5pmbmPa55wHEahq7HQ7xbYb6fWpq57w4yG6NsY3nC3ksH57-tF7P9opOPkMF-1PF8b_shBpLFaptCsnS7sL0dRSVDGzPz?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 93e30c19cf73c304a0d5eb17cec336546e84b42839b5d0696fb76d99da883ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tin8.tinxahoivn.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1119
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zPoBwLpBtzzQ_RCZ0vRRStKmZoWIayuCpv94U-ufO5c9Kh_EomXzYP6SR2xAB7hjjsqEwDUpTkyZSFDQnKiKckURE7W764y7T2r1CKeZqBiIa-87jSBQs0UPGiPK43U5cq85za_dMrWIAdWtDpCkBf3APqyqLClPA4HV7GnVr9nEviJ4brMK0Eep535yI8954N21F... Show response
aj1559.online/ 1 KB
2 KB 202ms
100ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zPoBwLpBtzzQ_RCZ0vRRStKmZoWIayuCpv94U-ufO5c9Kh_EomXzYP6SR2xAB7hjjsqEwDUpTkyZSFDQnKiKckURE7W764y7T2r1CKeZqBiIa-87jSBQs0UPGiPK43U5cq85za_dMrWIAdWtDpCkBf3APqyqLClPA4HV7GnVr9nEviJ4brMK0Eep535yI8954N21Ft3K3hCP6wKwUcQVw8AjKcfV11L013VeJib8ygwHSdH_iqiIpjaQ3aweHyf31Yh-vVITlmC_q2pSwMepBc38pMIfuTvNb4br4TvDSZ9xoMvBe_jP5tUcCO0HzypTPQW0KrKRkkTGbw_uEOf1hpMWL9PJeRmw1a6bKfuemhPM5CQSViVoV1J_IsBgpcSiitCIsVn6NujAGM3iPGlm7toQWph_IgcgBbpVNuJqzZkgC5om6MRTfF5FUuBmD-2tKndJyEHa0wgq0PGjYETX2WEBxBQSBPuOECNUJ3g0y6kD__OxITCYVHTf0?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 195003aa099b6b30dd9e5831468fefd6e002aaa565f1b3aad442c3cdae7cb0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tin8.tinxahoivn.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1116
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 z5NtDx2n4MuIGZg5IfX8dsWphH1qyK_kU0knkAfikST8IXPk2zyrt0EgXHuuzh0jKZkvEW79G3_FYiwaUcuCaRT9ISzRsors24kFO30ajpY0zEWA5lF1PltEdVLeI79tcqaPzLpDl57QeaPpeYPfzOjqeGqvqS2TYD0upUsYz32aAlazpeWs28royxgkG-m_7TChK... Show response
aj1559.online/ 1 KB
2 KB 297ms
106ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/z5NtDx2n4MuIGZg5IfX8dsWphH1qyK_kU0knkAfikST8IXPk2zyrt0EgXHuuzh0jKZkvEW79G3_FYiwaUcuCaRT9ISzRsors24kFO30ajpY0zEWA5lF1PltEdVLeI79tcqaPzLpDl57QeaPpeYPfzOjqeGqvqS2TYD0upUsYz32aAlazpeWs28royxgkG-m_7TChKz_rc70SlMg6V-YMtJsAOV3VjtxCcBWoyZ9qTlYhCojBdUHhq9T029qaSJHDmDyQeyckLD1toDAtMEja30XjVHNC_aZKD6DwRHqSoxF4DW7Gq-l9C5ayd9b6Frg-APNvSgbEyT-b7J_odf_xjK3o2Xf8j1DwRq57UkEzSpS2WdAyLEe8Qw4PcIvos_eJDxVRgzHXcwYMDuM1vH5uIHUUbpHUv7me55YnZGx2rKQlVFip1W8DpAGDKxW7mwM_AjiDs-rSjUadwFKY4yUF66U86W6ZPs3rG4NmgalaIgZdH70kfcxBOYvc?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 9371423dc62dc2b3db0178dbbc31837a82a13aca9cbcbf6354a4cf278e2dd24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tin8.tinxahoivn.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1187
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zPUvgK8JoefvPuTxLdFyKLdNRERz94wI3692WGHotfvrOAzgU10Pp8SmTfqM9jnyd-8YkOTlgZSZ-z1RaBPR8-n7Gi-TMg_evNZbHQ5tMdV4rrY8WILa9f2sX6pw9d-xtQuCPuRhQihyR5IWS10WfEPcIrmb9PGXVQp74TcplKWvSG78rQO6TrA7GVgNqP7vzo3E4... Show response
aj1559.online/ 2 KB
2 KB 288ms
100ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zPUvgK8JoefvPuTxLdFyKLdNRERz94wI3692WGHotfvrOAzgU10Pp8SmTfqM9jnyd-8YkOTlgZSZ-z1RaBPR8-n7Gi-TMg_evNZbHQ5tMdV4rrY8WILa9f2sX6pw9d-xtQuCPuRhQihyR5IWS10WfEPcIrmb9PGXVQp74TcplKWvSG78rQO6TrA7GVgNqP7vzo3E4wzZqj6JsSq0-lBfvOapw08fc260GgoRo5p286jVlKgN4vqe8HTLVZG1M0d8kifzfZtgx8ly-GQnehZmV-n_W85CfKYr3mhXplX-5u4HZNJ94owEVEHz6JSPevn2Wa-JXTrvD3OBG8Cjs7Xh0HTq3WhHlH5nnQJE7jbMs3piq9bRwN-_Z5BFnDIZXKPYXFN6SM9bJJT6cOIKOaGFSX90w8ibdxEK2eG9oI8wQyqn2ioBWpBdUfJ6AJiwrgziydQyr2BKFdJEnVdbCaNTvs_0SAL0028fmAyDqdYL993-Wzr1OSiEXSmfz?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 6abbaf6abc734ad766d3bc80c90fa6efb439195a871c37fe6e6883fc348dbc85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tin8.tinxahoivn.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1823
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zoXcQ8DRPivxFfrwzPGZbkGxf1v1mPFpHGP-2SA17-pEPPpu2v_WS9CyUQzaF0CCoGN4sT3hYPDrqNP79_lKTKWZ5GfAMxL47MMBwgKuJtfIEelw5cO4j7LlA-29Ep4a45C1PSeJqy2w0dxh6GchtaWSg0me3b2Wu_EDLT9UvLk6R9nz2PackY1VbxgpegEkiEp_p... Show response
aj1559.online/ 2 KB
2 KB 289ms
97ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zoXcQ8DRPivxFfrwzPGZbkGxf1v1mPFpHGP-2SA17-pEPPpu2v_WS9CyUQzaF0CCoGN4sT3hYPDrqNP79_lKTKWZ5GfAMxL47MMBwgKuJtfIEelw5cO4j7LlA-29Ep4a45C1PSeJqy2w0dxh6GchtaWSg0me3b2Wu_EDLT9UvLk6R9nz2PackY1VbxgpegEkiEp_pfVgN2mkTw-59RtEVSUFg-YnhziiITK_73rMgUi8c1-D0MFnrohqKhEQH7tPPxmmVZ7A4mio3yMPyXQ9_x1soflY9XeGYMbWfS3n0oY9LXOB0PUudA3P2QSGm5n0H4sP60Ow1-g0c3z8G4fkRQZsc9RU_vp_bh49jvdgnhVhj_OZPPYtRkbHF4-GOHAbG9akillDoH-5eyIa5l_9iaXZI8mRQaw9rHMIvQpaVGR6EaeE8kR5pNJiE_SFqGrFWYd64lEHLmraEOuho0pUCMb3GBF88fuad_R4ZNJoLDvSNYu0bTXMQTDHw?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 0b5f2746907c063894fa5fddc029eff4459decfafcd8dd5b3eb39c70df4043a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
vary: accept-encoding
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tin8.tinxahoivn.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5171 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20231109&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1700621501&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621501487&bpp=4&bdt=410&idt=163&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8491574885203&frm=20&pv=2&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=908218760&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

779928d8c88d58be3a373490e2295c6ac5efc41632c3c64ca472b97bcc951d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52727
x-xss-protection: 0
server: cafe
etag: 5077389057570646208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:41 GMT

GET
H/1.1 200 zpuEaQOil8mLm67Awp-bJiaD7BczXjq3CalgLM-mom6nNP4iwwN7Qi6tWYlJE6xBqumhnki2vWBcSrdPpRHrO-sU0FruADIDxhfpv8mUpwFF4NzDNrugJntTbjxiRiHBfgELJa9p1dF4Y8MBrb6lfAOQr6g7g3FNrolY9H_RhmTGQpY-N_AL_8ATZq3ErIqd3uB_3...
aj1559.online/ 49 B
512 B 136ms
97ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zpuEaQOil8mLm67Awp-bJiaD7BczXjq3CalgLM-mom6nNP4iwwN7Qi6tWYlJE6xBqumhnki2vWBcSrdPpRHrO-sU0FruADIDxhfpv8mUpwFF4NzDNrugJntTbjxiRiHBfgELJa9p1dF4Y8MBrb6lfAOQr6g7g3FNrolY9H_RhmTGQpY-N_AL_8ATZq3ErIqd3uB_35R8K1rPW_60yxHZ3dSB9_UvsRfYMhnpnbZRPKF76xdJmxKA4p-T3PG7KPhMNCB-xiRXhwHjHuJpxaKtb8ojiIkGl9L8K9Zp71Z1QHEGld5_PxMHJq4ub7Fws99dlHtj7DLQR-QPJUOQiPq59XEZsqCh7_iElMxQnX35yx7XXnzdrhxQR85I8vmxbSTcGDbWitMw1rWNHoyuAQBdY4NfpT54?DC=DO
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 155B 39 KB
16 KB 159ms
158ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ca695ede92c2530b7df3a73890d274dd1146b1b1d11e47400346e0644f40824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:42 GMT
expires: Wed, 22 Nov 2023 02:51:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a450b0780278c5492b672a8afb3735247d2d2ca8c6fab5f1c3b43541ff2a477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52691
x-xss-protection: 0
server: cafe
etag: 15795595272996500638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:42 GMT

GET
H/1.1 200 z-P7-RE7c9LyPSzwhSTz9u3KWCItGMONt6BO6vq2aBUTxtlbq3i6uh_tZC6jXcL86diMVtCRihjIHgCHu7WJfWpNFf5iRkFRAie4HdsgIhoUHLyJbK42bUQD2gJ8isuJP1nmbnuWJgLuy3aI5VNIB_XUQWlNxaUvOjJvdhwOujoY5Q8rr3hCikeIxuvsOCj2WFmxL...
aj1559.online/ 49 B
512 B 97ms
96ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z-P7-RE7c9LyPSzwhSTz9u3KWCItGMONt6BO6vq2aBUTxtlbq3i6uh_tZC6jXcL86diMVtCRihjIHgCHu7WJfWpNFf5iRkFRAie4HdsgIhoUHLyJbK42bUQD2gJ8isuJP1nmbnuWJgLuy3aI5VNIB_XUQWlNxaUvOjJvdhwOujoY5Q8rr3hCikeIxuvsOCj2WFmxLGLvNwy4Vdg8_7ITjBjkYg0BwHaQHCF-tNRzwi2t27jj1pdiTEn3UE4G-RXDe8Bvv9_HX_7a2SF9-0ElbjWSG_XFAwo7VykPmGg6IBlj889nfqeGE-7pBY2YnfxrRVe9sEliAlfprCW6gGenIZP1O7PjFk9O6X3z9c-cQXtOjlb5ORkveki3B1sqZty6zU--YueHJ9buYwPmqropzdrffS98?DC=DO
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B17B 39 KB
16 KB 186ms
185ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97d82e3752e091fe2684a4b1efaf78edea2152189090ebcd417fd00eb82288b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16556
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:42 GMT
expires: Wed, 22 Nov 2023 02:51:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mobileinpage-mb.min.js Show response
server.zmedia.vn/static/template/passback/ 31 KB
9 KB 3402ms
196ms Script
application/javascript 123.30.177.102
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template/passback/mobileinpage-mb.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.102 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Byte-nginx /
Resource Hash: 842694dde1f0df86bfcb208d1aee5c98c7c1b27b1137f23c0eb347ea71204097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:06:45 GMT
date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 09:39:51 GMT
server: Byte-nginx
etag: W/"64ec6b67-7c14"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 155B 3 KB
1 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 155B 20 KB
9 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 155B 0
0 47ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGmIJry3d1_srTAEB1DJ4W3i3diC73dNxq2Z17wXHhHE9yzDSgXeM7zdRdkk2rx0jfWjF_ibrbntUgusYKDJMiEnE3XQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 155B 202 KB
64 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:42 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7F1F 140 KB
48 KB 88ms
54ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1svgAA2FwCO9dUAAMEQu5H4KvyHqIm_CiBqA&u=%7CHH2ib0ITAgqwRlGNIckEOw9SSbSyyl9dNn%2B2cbyMyog%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe-gsqx7QcQj0ByoNabXMVyrX50foR229MVi2eMqAfJHTd2LbvHnxXFYLLvcQZTUre8p2o4LUP8uqeMlxJs2_-cOZgUOGN4PhDAKgeonBn5qmMq1TdJsuqnXOP2T7i8Ksw-TrMUedYB83EA2F2byNbGbb8LThsNQx82e14gv-hJhxVg5Pr-aHaLuoY4GIpOwCtLHg7943OKiCP3oBWtPpvRvlRd2qEDC2YklPdt0tPYXvUpcBgixjG5l-wAWFz77kkaX-EWWGWNC0QOdQWwfe80ZoEvdVQDBJ24v9wzTFMBGZgGYkfjE1eZl3VdAcEwX1dCHTRjWL9ROFeTDHmZaEJc9-MLbV6y_09uecIJhOF2EeqcZisSWvwwlS-sGEa3E_2vIKNNE7qcXb7CrNlcmpNJP3g61IJBdwMko2oBbJfJgeDkwbO2uxs50OVAWXWR8FKE87djOjw17wQywdv6QZBT00hl_XJ378eiSp_DklhSxnDUrBp6pR4L0wmi9hodj9GaVawymYlUPZU4ieZvQ7AU8Yal090IE3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWB40vmxdZdywA9Su78EPwoiMmAXJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSEAk_QlbNVUacNi6GZG1FKxFV6fPAcXZZGOXsKGCwxp_rpKXa-byt5oOM0qgmDAjBkOrSl8Ox_81ZVtG4xM_Q6qJ5Cz-YD7BsODh-q4iuO7tmmqO0yUAPMpF2755uBYhovJR5Nts_Eti4wBQYdhiw2jmBCSLKjYpwIIXkOsm4rt1KK1JfQrTGM74mdN--KmIbP1zy8Uqs30jANLZLrUGtMmOo3owEAWW_Q90zZdhPpcCkEdf4VEAQ7JTbVYtDWEZk1QJloTq5VmspzPxw7ZXHHNolo4jMeCPrfkKOmLagoRrERryGLEueScSCNPeN2TUsmXQ2hchL5-FBcMLz_0iNJ2zP3cM6pgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S71E049cvxZ0XcoPd1zYLppZkTw%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f29d2ebe51626f462417aefa5d76ca764eab4afa27a0500fa532f519793dc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dvF0RFXNKzKDm-lPrnWYGLsfpW_4jvnW5XF0y8dAfx09qXlQ_SQqCuDQaUd6UNzJmvHPLT5373VbU-AXNqP7ifVl_o_e6YfwBb5L0oLsnWgI1qUOOMhgnV3qdZgcQjmhkDT1YZ4clJeK-tYv71NYEWasRFJTicrv7ChhJIt01AncfGIr2BFc7lkbdplI_H1tQ3VMxwqXaGFfJJQRLzbhq6-lTrXWrqD7px71WjmOt2jgfgL5scP08LEJD-k4cToHNSuqyw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 39925776
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4FBB 1 KB
643 B 12ms
11ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 7685068b-1585-4042-8a22-0a56765c2cfd
https://tin8.tinxahoivn.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tin8.tinxahoivn.com/7685068b-1585-4042-8a22-0a56765c2cfd
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK a09408fd-5e38-4445-aa0e-12d3b8d76302
https://tin8.tinxahoivn.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tin8.tinxahoivn.com/a09408fd-5e38-4445-aa0e-12d3b8d76302
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4FBB 35 B
463 B 107ms
12ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG7bGg60ukBY2UhHfUtCpAk&google_cver=1&google_push=AXcoOmQrSNq5pBxFdqHpuUJehEBan2oWOQ-uGrJmA3LRimq7tFQfBOQrUSENOGO1fnOiSaN4qjSNQtLWeauJMIfPyGA8aJ6Vvn4xV7Jg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FBB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cver=1&google_push=AXcoOmSE7NWuSlZvxvBJttWD766oD3B4L_sZhUFb7jT_UQD...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cver=1&google_push=AXcoOmSE7NWuSlZvxvBJttWD766oD3B4L_sZhUFb7jT_UQDifOn8GX8039CldHB0eJ0Hw8rjpO4Cycc7JaC_SG2Su4b-Wrs7KuaJogz2

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 02:51:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEEqjK5vuV0YwyGnZ7tOSHGU&google_cver=1&google_push=AXcoOmSE7NWuSlZvxvBJttWD766oD3B4L_sZhUFb7jT_UQDifOn8GX8039CldHB0eJ0Hw8rjpO4Cycc7JaC_SG2Su4b-Wrs7KuaJogz2
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4FBB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEN1FC_ZacDFEDfheJ9GUEmU&google_cver=1&google_push=AXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHX...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN1FC_ZacDFEDfheJ9GUEmU&google_cver=1&google_push=AXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfo...

43 B
430 B

191ms
164ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN1FC_ZacDFEDfheJ9GUEmU&google_cver=1&google_push=AXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ddf468d0d30d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 151
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN1FC_ZacDFEDfheJ9GUEmU&google_cver=1&google_push=AXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQR4VXeacw8dWr9pZtCe1mbyWp97dX8ojHh-e6lBmPdsdbuOKtAOLSy-Z0gkzonR8tt-3Tv1c5oxKLhOiiUmNsru4xdMfoHXV2G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ddf455c9f30d2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4FBB 70 B
149 B 140ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGoSxhZBJ3L4JBNzh326emI&google_cver=1&google_push=AXcoOmSLhKobNPRpsrdF0KBF4oaB0PqN-J1PVvQZ-4VDWJ1RZ6-hYChW1zPR0jubzGG4SThwVKCUvXAEW-Q_mkhw2k8HA-mfo8DRgJqt
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4FBB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJlXKqzDGMZJ42v7kSStl14&google_cver=1&google_push=AXcoOmQCexEdPFXnJzC3UdxtV7oEV937V2DkLF8blOkKfd8wm8gCgiH9cSKrKrT66elh3NdakWy8aShET4TnoZ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmQCexEdPFXnJzC3UdxtV7oEV937V2DkLF8blOkKfd8wm8gCgiH9cSKrKrT66elh3NdakWy8aShET4TnoZP1nI...

170 B
329 B

53ms
24ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmQCexEdPFXnJzC3UdxtV7oEV937V2DkLF8blOkKfd8wm8gCgiH9cSKrKrT66elh3NdakWy8aShET4TnoZP1nIISSrIpDiy7R9W1

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmQCexEdPFXnJzC3UdxtV7oEV937V2DkLF8blOkKfd8wm8gCgiH9cSKrKrT66elh3NdakWy8aShET4TnoZP1nIISSrIpDiy7R9W1
Date: Wed, 22 Nov 2023 02:51:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4FBB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFXBYDp2Ky6_zySVjLBkcDA&google_cver=1&google_push=AXcoOmRs-5_b_1GsuEtpMKmv6eZR1Yr4Hq7p8vYaVw4gDFHBGmoU7vAA2LzVjac6qscQ9mh5LE_blzYjq79EhB3h...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=FA10xhfKSacuAk0TfiFEpw&google_push=AXcoOmRs-5_b_1GsuEtpMKmv6eZR1Yr4Hq7p8vYaVw4gDFHBGmoU7vAA2LzVjac6qscQ9mh5LE_blzYjq79EhB3h6tgnoxCtejdEYQXz

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=FA10xhfKSacuAk0TfiFEpw&google_push=AXcoOmRs-5_b_1GsuEtpMKmv6eZR1Yr4Hq7p8vYaVw4gDFHBGmoU7vAA2LzVjac6qscQ9mh5LE_blzYjq79EhB3h6tgnoxCtejdEYQXz

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 02:51:42 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=FA10xhfKSacuAk0TfiFEpw&google_push=AXcoOmRs-5_b_1GsuEtpMKmv6eZR1Yr4Hq7p8vYaVw4gDFHBGmoU7vAA2LzVjac6qscQ9mh5LE_blzYjq79EhB3h6tgnoxCtejdEYQXz
x-host: tde-deliveryengine-production-bb588bf9-l9j7w
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FBB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFR6Z2rwbBod75PZbyWWVpA&google_cver=1&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gN...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFR6Z2rwbBod75PZbyWWVpA&google_cver=1&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gNdSVhFAgw

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gNdSVhFAgw

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3vDtw_Uuf4bnacP1Mqx_9mz-SpkB2aVEfxIvGROXg0RRe1vFI6s7ysMZTp1pz69ChwSOHyB8Ys2gAEyfIaeKy7gNdSVhFAgw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4FBB 0
139 B 105ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvCztJkxcqYzEuUUswjjioJekNauKTFxGk-mQZldn91yD4gW5tHIuz4gcm0zi4J4oC1hX3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 155B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f5862ddc3290d7258f7e7c7b132504904f41da1400e9c8d16407c4adb0db9cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7F1F 2 KB
1 KB 50ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1svgAA2FwCO9dUAAMEQu5H4KvyHqIm_CiBqA&u=%7CHH2ib0ITAgqwRlGNIckEOw9SSbSyyl9dNn%2B2cbyMyog%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe-gsqx7QcQj0ByoNabXMVyrX50foR229MVi2eMqAfJHTd2LbvHnxXFYLLvcQZTUre8p2o4LUP8uqeMlxJs2_-cOZgUOGN4PhDAKgeonBn5qmMq1TdJsuqnXOP2T7i8Ksw-TrMUedYB83EA2F2byNbGbb8LThsNQx82e14gv-hJhxVg5Pr-aHaLuoY4GIpOwCtLHg7943OKiCP3oBWtPpvRvlRd2qEDC2YklPdt0tPYXvUpcBgixjG5l-wAWFz77kkaX-EWWGWNC0QOdQWwfe80ZoEvdVQDBJ24v9wzTFMBGZgGYkfjE1eZl3VdAcEwX1dCHTRjWL9ROFeTDHmZaEJc9-MLbV6y_09uecIJhOF2EeqcZisSWvwwlS-sGEa3E_2vIKNNE7qcXb7CrNlcmpNJP3g61IJBdwMko2oBbJfJgeDkwbO2uxs50OVAWXWR8FKE87djOjw17wQywdv6QZBT00hl_XJ378eiSp_DklhSxnDUrBp6pR4L0wmi9hodj9GaVawymYlUPZU4ieZvQ7AU8Yal090IE3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWB40vmxdZdywA9Su78EPwoiMmAXJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSEAk_QlbNVUacNi6GZG1FKxFV6fPAcXZZGOXsKGCwxp_rpKXa-byt5oOM0qgmDAjBkOrSl8Ox_81ZVtG4xM_Q6qJ5Cz-YD7BsODh-q4iuO7tmmqO0yUAPMpF2755uBYhovJR5Nts_Eti4wBQYdhiw2jmBCSLKjYpwIIXkOsm4rt1KK1JfQrTGM74mdN--KmIbP1zy8Uqs30jANLZLrUGtMmOo3owEAWW_Q90zZdhPpcCkEdf4VEAQ7JTbVYtDWEZk1QJloTq5VmspzPxw7ZXHHNolo4jMeCPrfkKOmLagoRrERryGLEueScSCNPeN2TUsmXQ2hchL5-FBcMLz_0iNJ2zP3cM6pgAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S71E049cvxZ0XcoPd1zYLppZkTw%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7F1F 2 KB
1 KB 49ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7F1F 308 B
637 B 25ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7F1F 293 B
621 B 27ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7F1F 43 B
348 B 78ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6Qa9Auk_ujlkeeYniU3QabUbcXZ0mmuk_pvsGhDY1AqHzS1I3NY3AjDCIN-AEaIq-FP2NDEnzjR473OA91spclYwT5ow23XIfC-KJRlxZ48l75oYlpp6o9aMAK1nOPpv6daEI9LXyFw2FOWyejK9Gbfwykm4rhFWv4lyujo2Pn2cvwxTlUtXSRmTU2sb0cNhAoHglPDSGbtEn4bzJGmJy84G_cXV9u8SlbRCmdbbtyQqhkuLzgwwjgCCDmASdqwP6X8ueE0eZaeokeBb7GYTXzisQuoiRFoVpTHU7NBD5urohOsmsAwuzf3ZL9xcPkBDuNkOE3-NDErDr2rSkVyyuhPxqZPcEdC7kSWlqlAEsfY7ycCAi1vq6POWek__32zs-NNB2YnElZuwc9Ig0g35gpgFSK6WhI664PzW28oB5T9wOFhYi_WPJqpWBeQvlXbN5_OL2Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1621559
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B17B 3 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B17B 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B17B 0
0 18ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyG85PMN77qxqi3TpQkHjSt7_TrjXtmDtxlN868CChrR-Kk41-UGjXeWtepjDKEdtS_y4BfTP_7hkAGMuxDHwKZUf0qQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B17B 202 KB
64 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:42 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7F1F 12 KB
5 KB 31ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1193993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1PBFehcZwKHHbOjhxqDj3ueDDF%2BlBDjg3ZfASYeIatJ3qNyrKoJyRP1vvPXf5cGzCuSWW11H170%2BoEZW9G29hv%2Fxgzibyzszxt2Q5SWb2YXPSmAcNmMQln6qM1xivNj4MyWxZAz04cWsk%2FPNg2RbLRz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829ddf463d079253-FRA
expires: Mon, 11 Nov 2024 02:51:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7F1F 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0C95 135 KB
47 KB 52ms
51ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1svgACW4UCO8-NAA-N5aLV9QKsIKpQd3tPPQ&u=%7CHH2ib0ITAgojBenMga5Kdxvmb1q8h%2Fh4xlvVQNGUL1M%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe-gsqx7QcQj0ByoNabXMVzLsk1cS1XTEAbKkXTYoZWgB9xCP3UVrc77I7cNvhlUs1N8O5DAT1DlQBD4yxpgnfrY-j3JBTOS7aVmYVxGiILLYFe64nbDIfUY5jN5mYErKFzc7IdWSWowv48YAfmBNZK3z9jC42wxQ_rRXEghCbAp_zzdOZ7cWZB0JfLVp2w5xxRC2MtemjwEMT7nO3CgDgnPg0b91q8jMJLxj7_CFDKIb2Qj5hItnaLPjW5qiiUvbEd5ZvvbFTmKUSV1tpobiw4T1-VFvsoAWJj0k2quDyjXMl4sC9HvZnqgte7ggmy1hRXVleUYzfCoF1wL--UjSL8L34Fe5dIlOlUou9T8nN1XEG-msJP8r8xUpZQeabikOSyMMrCvm-AKzbWDAWQ1au0AxKoRI2fJuoloYntLKesVFQUj_TuJYNVBkjRcdSOysqSPVe9wRy69f6fSGvqBgepvT-iFA3QJyQ9uY2Eq2FDv_ELT3PpQhjmRVZOcwaxgeGRV7CW6f12uDm_Bnt1Zk_KbNKAm0qMEBWVvPt8GVfs3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC5ySvmxdZYW3CY2f78EP5Zu-qA_JntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAs6uyc6GTrI-qAMByAMCqgSJAk_Q6yYHGSmzE4_EntKLkYxmdQw-V1B84Pxo15sTFeyFaMcCjaFMWdCKR9JONt4W7iHky8nU-fTSnFmTUCm7GOtC4oDm0um8z9wbVjSHhNDqYi-I7gmX6ASyfYHcD-cQWeaZXCcWkLZd5qyZzHBIWlQpaXBrj_2PCGSaRdsiUcYers-YMVqbMggyYKegS2NozgSfV45JVM2Oor8FJmdu3QmM7hXzE6gqtqXJjBHgy8au3k_lMdl3bOUVF5un8ZQFcfxv5A2eZ1uEmir_dYWP4ovBM_bOjAexTyZCrFX2R829WPsYJ8A6linIBhUchYvfmDgKkVCGyQzrElxPhhca9CaRkXnt4dkYIB2ABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0MTTu2wk1s-IC305sy2kpsxmuqug%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

21c0d6129cc12185f624cc61b91ff12bc702e7369d63bc6a80a6ecaad6ad238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qIdmoFXNKzKDm-lP1ry05oKQXSsQWL6yQblIVJGXND8SqmheVlvUTgV1YKtA5JNweed-GkTuq8WvAW1wkkdSMZInEYiggJ2O8xGpQWed1JOm3tYuZhmMhs7JP_aE9yvCXK4YdeF0PvG-POT4cfJ-YWOh4ijKqf3vKAUttTRoeDZLw7BSnzaUpt2YXns4nP_ylx6WKEW1rBU46MZ20szpDrVNtEyNUqU_7gekLiBnfgNvesz3DgsHZMYqeHSxRqbozE1YVQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 37777035
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 454E 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7F1F 9 KB
9 KB 73ms
15ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F4848686%2F21e4ef88e686486fa50b1e920aa5cfbf_600x1200.png&v=3&w=196&rid=4&s=TsjquKCbfUsm5-8jcMlwi8-B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bd7601a2b17033f5df04eafe1d6eec2a476a396da7121399f5199d17d405c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8808
expires: Mon, 11 Nov 2024 05:43:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7F1F 96 KB
97 KB 112ms
55ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F5095700%2F6a0b2b0864a846238c3140b4c01393fb_1200x1200_prospecting.jpg&v=3&w=1200&rid=4&s=dBHd3rQPJc-4H_gt38mqp3kY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

74e4cdeeb9d39cb5cde81b406f2d3dadb2ec92e4643a6afb1a436e921fef8a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 98550
expires: Mon, 04 Nov 2024 13:33:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7F1F 39 KB
39 KB 97ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Fproducts%2Fcollectionspage01_056dfcbf-b628-46b3-b48a-86a3b6dc525d.jpg%3Fv%3D1679549812&v=3&w=800&rid=4&s=riaQU15mgilSYDJPJLaJMkpk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2eefa35233396cfa81b101daf01dca80def1e89fc1fb9ff298e78f2bddc3c951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 39730
expires: Mon, 28 Oct 2024 15:52:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7F1F 0
128 B 52ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dvF0RFXNKzKDm-lPrnWYGLsfpW_4jvnW5XF0y8dAfx09qXlQ_SQqCuDQaUd6UNzJmvHPLT5373VbU-AXNqP7ifVl_o_e6YfwBb5L0oLsnWgI1qUOOMhgnV3qdZgcQjmhkDT1YZ4clJeK-tYv71NYEWasRFJTicrv7ChhJIt01AncfGIr2BFc7lkbdplI_H1tQ3VMxwqXaGFfJJQRLzbhq6-lTrXWrqD7px71WjmOt2jgfgL5scP08LEJD-k4cToHNSuqyw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7F1F 2 KB
1 KB 16ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7F1F 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0C95 2 KB
1 KB 19ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1svgACW4UCO8-NAA-N5aLV9QKsIKpQd3tPPQ&u=%7CHH2ib0ITAgojBenMga5Kdxvmb1q8h%2Fh4xlvVQNGUL1M%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe-gsqx7QcQj0ByoNabXMVzLsk1cS1XTEAbKkXTYoZWgB9xCP3UVrc77I7cNvhlUs1N8O5DAT1DlQBD4yxpgnfrY-j3JBTOS7aVmYVxGiILLYFe64nbDIfUY5jN5mYErKFzc7IdWSWowv48YAfmBNZK3z9jC42wxQ_rRXEghCbAp_zzdOZ7cWZB0JfLVp2w5xxRC2MtemjwEMT7nO3CgDgnPg0b91q8jMJLxj7_CFDKIb2Qj5hItnaLPjW5qiiUvbEd5ZvvbFTmKUSV1tpobiw4T1-VFvsoAWJj0k2quDyjXMl4sC9HvZnqgte7ggmy1hRXVleUYzfCoF1wL--UjSL8L34Fe5dIlOlUou9T8nN1XEG-msJP8r8xUpZQeabikOSyMMrCvm-AKzbWDAWQ1au0AxKoRI2fJuoloYntLKesVFQUj_TuJYNVBkjRcdSOysqSPVe9wRy69f6fSGvqBgepvT-iFA3QJyQ9uY2Eq2FDv_ELT3PpQhjmRVZOcwaxgeGRV7CW6f12uDm_Bnt1Zk_KbNKAm0qMEBWVvPt8GVfs3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC5ySvmxdZYW3CY2f78EP5Zu-qA_JntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAs6uyc6GTrI-qAMByAMCqgSJAk_Q6yYHGSmzE4_EntKLkYxmdQw-V1B84Pxo15sTFeyFaMcCjaFMWdCKR9JONt4W7iHky8nU-fTSnFmTUCm7GOtC4oDm0um8z9wbVjSHhNDqYi-I7gmX6ASyfYHcD-cQWeaZXCcWkLZd5qyZzHBIWlQpaXBrj_2PCGSaRdsiUcYers-YMVqbMggyYKegS2NozgSfV45JVM2Oor8FJmdu3QmM7hXzE6gqtqXJjBHgy8au3k_lMdl3bOUVF5un8ZQFcfxv5A2eZ1uEmir_dYWP4ovBM_bOjAexTyZCrFX2R829WPsYJ8A6linIBhUchYvfmDgKkVCGyQzrElxPhhca9CaRkXnt4dkYIB2ABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0MTTu2wk1s-IC305sy2kpsxmuqug%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0C95 2 KB
1 KB 20ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0C95 308 B
636 B 14ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0C95 293 B
621 B 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0C95 43 B
347 B 34ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5yQ0o-k_ujlkeeYniU3QabUbcXZLvEYCfzv3-VwJQveAj2S8w3pBMwfzuvsT1o8KNYgQy90Zlk9kwFheuyJvdeOWBaktlDI-4G4CEcGCWCYqNxgD8zupcX1KKTYJ8Y06CBhDi5zlwKdHPTGR82WEQUDOsVOEsKZn4sMJxBp4hKAzlUtgXg9S4x1zLC2oTLX9taQv4xoLVPW2YzMibEn4KMGnSegYAl4b0WYsqFln2P4Bm3EGiUEPjNgxyJiC1dUviaonheKJxO0ljEkVa8LaNn7WuGLuOF4v3RwNB5o_2UdivYHSV_kkUVvR-ggPKtTJkNltAtV-oD1oG7kxVtmh0TpXBYWFz4dd9NT7eLMl7dPtyzmjHD5bPV-Z0y7BiaWaaXIoEMiu3bV6dpD1xl9Osp9Nvq58xgUVzKC41K0tpugW2OQhLqajxcXd22dh4yHmgTvoKQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1931179
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0C95 12 KB
5 KB 28ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1193993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iItS5HADW%2Fj0c1he7MHkUCrafjDz92RmzhOd5RAFcNiNc77F1aP3UjziV7fCkrHrxoNMU68Q5Z6QLU74gRZeFUOU4xWSTEXd41c3rbyvMdTyCiBOqVWwRI8YJIHpIjTvagh5%2BAM6qWAoJ3GTdSJqIqI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829ddf470d329253-FRA
expires: Mon, 11 Nov 2024 02:51:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0C95 12 KB
6 KB 25ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 7F1F 2 KB
842 B 19ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 7F1F 2 KB
841 B 21ms
16ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 454E 0
104 B 105ms
26ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENsSBNu0LYWewFs6Yp9MgP4&google_cver=1&google_push=AXcoOmQX4u3ftbKteoia1-PFUQlQ0KTQCWbn9z52IQ6QdAywQuvXmwHlY6evoQyNifj1DFPH9kbbHrbtkC8M_WQcFXpGs0WrUT1bBvY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 454E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPn4weSIQS3Zz8ddQMX0PVE&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEPn4weSIQS3Zz8ddQMX0PVE&google_cver=1&google_push=AXcoOmT0SrUCZ_0Pje--FD70Ok7NPb_Dwe5R0JwCS97fLlt...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEPn4weSIQS3Zz8ddQMX0PVE&google_cver=1&google_push=AXcoOmT0SrUCZ_0Pje--FD70Ok7NPb_Dwe5R0JwCS97fLltcBXtQoy4BryIhddNZSfkEdLatnAx-8mTbOuk8tYgR_Du3xL1IWRocmGo

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 02:51:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHpXYmpzZVAxUjVEbDQ1&google_gid=CAESEPn4weSIQS3Zz8ddQMX0PVE&google_cver=1&google_push=AXcoOmT0SrUCZ_0Pje--FD70Ok7NPb_Dwe5R0JwCS97fLltcBXtQoy4BryIhddNZSfkEdLatnAx-8mTbOuk8tYgR_Du3xL1IWRocmGo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 454E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAFBREyXBnMFXAjMB1QJJu0&google_cver=1&google_push=AXcoOmRHbw29BzaUSiraD1mFSwQhApFL-5iyPFdI16tVj19sGQoNzT92-50s0k8tUEcct1jw35bi1uI3vfF...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRHbw29BzaUSiraD1mFSwQhApFL-5iyPFdI16tVj19sGQoNzT92-50s0k8tUEcct1jw35bi1uI3vfFZnEzux6EJ_HKu_Ic-kA&google_hm=tlJDXbO0TqyNKiOBkm...

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRHbw29BzaUSiraD1mFSwQhApFL-5iyPFdI16tVj19sGQoNzT92-50s0k8tUEcct1jw35bi1uI3vfFZnEzux6EJ_HKu_Ic-kA&google_hm=tlJDXbO0TqyNKiOBkmsWdEs

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRHbw29BzaUSiraD1mFSwQhApFL-5iyPFdI16tVj19sGQoNzT92-50s0k8tUEcct1jw35bi1uI3vfFZnEzux6EJ_HKu_Ic-kA&google_hm=tlJDXbO0TqyNKiOBkmsWdEs
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 454E 0
174 B 65ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPjEc-GtSJOdnAnj_Ft8Wrg&google_cver=1&google_push=AXcoOmQaNkXkc8mWvYZBHQVyQN62QFIY6f8Qjx4c6BSLp3TUe84HwsHUj8kK7tVH5w6EFVVNFXXzEqta6_zMrqe84WoxogUcCvWTZN0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 454E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHG-NxmsVJHvzsfjUwNmbRQ&google_cver=1&google_push=AXcoOmS1U-Wo_X1QDlh0drR4qi7erH5IiK3nll7JX2xEi5uUHuTU_5IQRP09Rcc-vVBJFffl5Xm7vYioqADO5XPEManiwzG...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1U-Wo_X1QDlh0drR4qi7erH5IiK3nll7JX2xEi5uUHuTU_5IQRP09Rcc-vVBJFffl5Xm7vYioqADO5XPEManiwzGpYBEnKEo&google_hm=eS1xX0d5d0I1RTJwRTh...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1U-Wo_X1QDlh0drR4qi7erH5IiK3nll7JX2xEi5uUHuTU_5IQRP09Rcc-vVBJFffl5Xm7vYioqADO5XPEManiwzGpYBEnKEo&google_hm=eS1xX0d5d0I1RTJwRThiU3hRMl84NUN1eEptcGxGS0NfTn5B

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1U-Wo_X1QDlh0drR4qi7erH5IiK3nll7JX2xEi5uUHuTU_5IQRP09Rcc-vVBJFffl5Xm7vYioqADO5XPEManiwzGpYBEnKEo&google_hm=eS1xX0d5d0I1RTJwRThiU3hRMl84NUN1eEptcGxGS0NfTn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 454E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ3b3cOCv6TCFdEVNb0URRg&google_cver=1&google_push=AXcoOmT0i2nR6GiHJn732TUJLt5-3lgn86tAk2rubMwtyV-RIqwF3dZIWKJx8AnpniZ3NiVckn6UoDyNETa24O0gfPCRpqG...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0i2nR6GiHJn732TUJLt5-3lgn86tAk2rubMwtyV-RIqwF3dZIWKJx8AnpniZ3NiVckn6UoDyNETa24O0gfPCRpqGhJeWl69o

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0i2nR6GiHJn732TUJLt5-3lgn86tAk2rubMwtyV-RIqwF3dZIWKJx8AnpniZ3NiVckn6UoDyNETa24O0gfPCRpqGhJeWl69o

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0i2nR6GiHJn732TUJLt5-3lgn86tAk2rubMwtyV-RIqwF3dZIWKJx8AnpniZ3NiVckn6UoDyNETa24O0gfPCRpqGhJeWl69o
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 454E 43 B
363 B 68ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQFqm9NXorrF-GrK0QKaFEZxNP0ZdYIA3HnTQHDA6Wwt8u-fdLMypQfKxc2CJmitAyxrK9CAPJa5DA4rNe1ANSQJXoJsERbVsQ&google_gid=CAESEDExZbsKfA1Jqw33cVbrH-E&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:42 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 221075
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 454E 0
12 B 23ms
22ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5kdpU8QVAavgnlQ179ZNJ7gGv1HT6f5baE4fz0vXBIHX5yvJ5vfnX3oPP0sCGW-kfWRcr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 /
c.mgid.com/pv/ 43 B
115 B 51ms
26ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&cbuster=1700621502583973485987&pvid=18bf4f0c8778c4e998c&implVersion=11&cxurl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&site=883217&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 829ddf475f2365bd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0C95 9 KB
9 KB 31ms
15ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bd7601a2b17033f5df04eafe1d6eec2a476a396da7121399f5199d17d405c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8808
expires: Mon, 11 Nov 2024 05:43:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0C95 96 KB
97 KB 32ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

74e4cdeeb9d39cb5cde81b406f2d3dadb2ec92e4643a6afb1a436e921fef8a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 98550
expires: Mon, 04 Nov 2024 13:33:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0C95 40 KB
40 KB 32ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Ffiles%2Fget_up_glow_trio_collectionspage01.jpg%3Fv%3D1686559880&v=3&w=800&rid=4&s=SySQEQXiXBx9yWK77xfPtiZE&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

78ee33b2b1a214768aa39a735c190af26244befb4ac6bc059950d85d15902220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 40486
expires: Thu, 14 Nov 2024 08:37:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0C95 0
127 B 30ms
16ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=qIdmoFXNKzKDm-lP1ry05oKQXSsQWL6yQblIVJGXND8SqmheVlvUTgV1YKtA5JNweed-GkTuq8WvAW1wkkdSMZInEYiggJ2O8xGpQWed1JOm3tYuZhmMhs7JP_aE9yvCXK4YdeF0PvG-POT4cfJ-YWOh4ijKqf3vKAUttTRoeDZLw7BSnzaUpt2YXns4nP_ylx6WKEW1rBU46MZ20szpDrVNtEyNUqU_7gekLiBnfgNvesz3DgsHZMYqeHSxRqbozE1YVQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0C95 2 KB
1 KB 25ms
11ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0C95 2 KB
1 KB 24ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7F1F 9 KB
9 KB 24ms
18ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bd7601a2b17033f5df04eafe1d6eec2a476a396da7121399f5199d17d405c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8808
expires: Mon, 11 Nov 2024 05:43:59 GMT

GET
DATA 200
OK truncated
/ Frame B17B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20901902ecc68d58d11313f3d81b4b61e896806036b509a810cdf48e9de5255b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 7F1F 15 KB
16 KB 53ms
25ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 7F1F 15 KB
16 KB 58ms
30ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 0C95 2 KB
842 B 13ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 0C95 2 KB
841 B 15ms
15ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 155B 0
19 B 56ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsT0MvmxdZdywA9Su78EPwoiMmAXJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSBAk_QlbNVUacNi6GZG1FKxFV6fPAcXZZGOXsKGCwxp_rpKXa-byt5oOM0qgmDAjBkOrSl8Ox_81ZVtG4xM_Q6qJ5Cz-YD7BsODh-q4iuO7tmmqO0yUAPMpF2755uBYhovJR5Nts_Eti4wBQYdhiw2jmBCSLKjYpwIIXkOsm4rt1KK1JfQrTGM74mdN--KmIbP1zy8Uqs30jANLZLrUGtMmOo3owEAWW_Q90zZdhPpcCkEdf4VEAQ7JTbVYtDWEZk1QJloTq5VmspzPxw7ZXHHNolo4jMeCPrfkKOmLeoqZyORPPG2tDe1q6yt1Ed4akGQVyO58KYxxfauj6LTyruDTxMegAbs6KWm5_L3uY0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM2MTkxMzMwMzE1MDgyNjQYAA&sigh=52qY_iW-ChQ&uach_m=%5BUACH%5D&cid=CAQSPADICaaNZQlkt3eG_KLfL6C_NV4TLTQOD54S07Wk0mI2T11OGOzop25p5hKs5oZa-rtej-mS12gEeAk5cBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 02:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 155B 0
126 B 50ms
18ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFcz6RKIHmAKdg2ICAgAAAA-nPwaos-xAEL1sXWWoJnGS36rauTGFAAASAAAKCkFRVURBUUVCQVE&wp=ZV1svgAA2FwCO9dUAAMEQu5H4KvyHqIm_CiBqA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 157907
server: Kestrel
content-length: 0

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 0C95 15 KB
16 KB 17ms
16ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 0C95 15 KB
16 KB 20ms
20ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B17B 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COn15vmxdZYW3CY2f78EP5Zu-qA_JntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAs6uyc6GTrI-qAMByAMCqgSGAk_Q6yYHGSmzE4_EntKLkYxmdQw-V1B84Pxo15sTFeyFaMcCjaFMWdCKR9JONt4W7iHky8nU-fTSnFmTUCm7GOtC4oDm0um8z9wbVjSHhNDqYi-I7gmX6ASyfYHcD-cQWeaZXCcWkLZd5qyZzHBIWlQpaXBrj_2PCGSaRdsiUcYers-YMVqbMggyYKegS2NozgSfV45JVM2Oor8FJmdu3QmM7hXzE6gqtqXJjBHgy8au3k_lMdl3bOUVF5un8ZQFcfxv5A2eZ1uEmir_dYWP4ovBM_bOjAexTyZCrFX2R829Gvk5tUCpRhRu1jLGCas2PDYtm-aM5xRpppRyIOWl6gqJCbN5wTCABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzYxOTEzMzAzMTUwODI2NBgA&sigh=J2jRETs28js&uach_m=%5BUACH%5D&cid=CAQSPADICaaNoqJTJIZ4MGZr5yVCYPhwIgaGosTjvKGXBA-ktB-jHNGOjcq_OGcQYrBLT0OTP1wSG9y5cNzq9BgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8419707306&adk=350297942&adf=2243191896&pi=t.ma~as.8419707306&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502107&bpp=1&bdt=1030&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=299929489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 02:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B17B 0
125 B 40ms
19ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFcz6RKIHmAKdg2ICAgAAAPbXlc9tI9qYEL5sXWUsjc8kzSv_ELqYAAASAAAKCkFRVURBUUVCQVE&wp=ZV1svgACW4UCO8-NAA-N5aLV9QKsIKpQd3tPPQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 167744
server: Kestrel
content-length: 0

GET
BLOB 206
Partial Content 8d9df077-6ca2-417d-9e0f-005e1abbfb86
https://tin8.tinxahoivn.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tin8.tinxahoivn.com/8d9df077-6ca2-417d-9e0f-005e1abbfb86
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 56ms
19ms Image
image/png 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: GRPAGV4TM71PG978
age: 3711
content-length: 2745
x-amz-id-2: qlu8gDt1wqoZ+Uwla3JwDTrjqeifp7WuqEMdqjOadOhDNiToyNd90gMDn8wMIwkq2ZH4+fnBDlCPkhCFWZEU9A==
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 829ddf49bc7a35fa-FRA
expires: Wed, 22 Nov 2023 06:51:43 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1477392/ 17 KB
4 KB 76ms
54ms Script
application/x-javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1477392/1?mp4=1&ap=1&w=930&h=4424&ident_p=true&sz=680x451;337x280&szp=1,4,5,8,9,12,13;2,3,6,7,10,11,14,15&szl=1;2,3;4;5;6,7;8;9;10,11;12;13;14,15&cols=1&sessionId=655d6cbf-0bb4e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&cbuster=1700621503010854599114&pvid=18bf4f0c8778c4e998c&implVersion=11&cxurl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&scum=%3F0&scuw=%3F0&uniqId=01bf6&niet=4g&nisd=false&pv=5&lct=1700006400&jsv=es6&pageView=1&dpr=1&ref=&apt=2023-08-02T03%3A50%3A38%2B00%3A00&tfre=1923

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/o/congdong24.com.1477392.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab38753127309dfc13b2a2a69aa009b014754536921edf26cf9db11a9cf7ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 829ddf49f85e65bd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 13ms
12ms Image
image/png 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: GRPAGV4TM71PG978
age: 3711
content-length: 2745
x-amz-id-2: qlu8gDt1wqoZ+Uwla3JwDTrjqeifp7WuqEMdqjOadOhDNiToyNd90gMDn8wMIwkq2ZH4+fnBDlCPkhCFWZEU9A==
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 829ddf4a5cbc35fa-FRA
expires: Wed, 22 Nov 2023 06:51:43 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZ...
s-img.steepto.com/g/16853267/492x277/-/ 11 KB
11 KB 232ms
192ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16853267/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZGE4YWM5NThjMWVjNjlkNmNmYTQ1YWJkNDZkZmMucG5n.webp?v=1700621503-J7nf7f7tvWAG4MCMza8MD4TnAEIqXdv5soj_DO89HAw
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 15:12:46 GMT
x-mg-request-uuid: 231d038c-834f-426b-a67f-52b049601453
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4aab1b2bf8-FRA
content-length: 11512

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzN...
s-img.steepto.com/g/16853266/492x277/-/ 9 KB
9 KB 290ms
251ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16853266/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzNzAwNGEwOGMyMWU0MjVjNWZmOTQ2ZDRhMDkyNGYuanBn.webp?v=1700621503-dvDwEoeA2UcTIEgm_ac-6nen_fAMvb1c7xZph_M7QU0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 15:40:37 GMT
x-mg-request-uuid: 7c59838d-4e88-470f-854a-893aa1980768
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4aab1c2bf8-FRA
content-length: 9050

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvNDU5Z...
s-img.steepto.com/g/17591159/492x277/-/ 9 KB
10 KB 285ms
246ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17591159/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvNDU5ZjM5YmFlY2I3MDJlNjA0YWI0M2EwOGZjYzAwNDMucG5n.webp?v=1700621503-so_e_UUPdqbQQ5qqoM9nUMIbOGKaJVsiy8DJVvVe-a4
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35851c34e4be78d12fc79cbf6964e7fc614c8ff0a7f6d32e223f2ff4ba84af09

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 07:47:20 GMT
x-mg-request-uuid: 0b0bd076-d199-4df9-ab11-5b8689b4a387
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4aab1d2bf8-FRA
content-length: 9700

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS83ODMzODUvN2I1N...
s-img.steepto.com/g/17764277/492x277/-/ 17 KB
17 KB 429ms
390ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17764277/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS83ODMzODUvN2I1NzliMTkxYThlYmUxNmFkNmE4NmY5OWY4Mzk1ZjAuanBlZw.webp?v=1700621503-V2rWLa_pbhXWeOCjqc4oRWQQ7usV2oXsE00V-hRMLZ4
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e06464b1d4d7584d26a4e91bc5ab6deb2e7e939b73dbc53964805c905db4b2

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 10:46:30 GMT
x-mg-request-uuid: 0ed9c63d-1ee1-4cab-b0c8-0340f97f5773
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4aab1f2bf8-FRA
content-length: 17250

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS80NzU4MjEvZDk5N...
s-img.steepto.com/g/17252679/492x277/-/ 15 KB
15 KB 430ms
391ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17252679/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS80NzU4MjEvZDk5NDc1ZGY1NTAyODc3MmQ2ZjM3Zjk4YjIwZjNlYjEuanBn.webp?v=1700621503-jFbJDVrlqSEXFJXJgERQ2y36iTRDTEi4hWCMbGQvZ4A
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ae424df439ea34b89eeb416074bc0214bc3d943dff687cc821896bde75d981

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Sep 2023 07:29:06 GMT
x-mg-request-uuid: 3aecffb9-e95c-4237-bbe6-58218f85534a
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4aab1e2bf8-FRA
content-length: 15666

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi8zNjk0MDMvM2U5Y...
s-img.steepto.com/g/17021227/492x277/-/ 18 KB
18 KB 405ms
367ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17021227/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi8zNjk0MDMvM2U5YzIwOTEwODQwMzk1ODFkOTQ1ZmU1NzFjNDk3ZDEuanBlZw.webp?v=1700621503-mxuXlwV5nn3v-93H7AW0elX-v5T5GIgIbHsbj7KpMW4
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1453242e022fe2a2435384d732ec220f07eddd1b911559b037b2d84f175524a7

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Aug 2023 03:02:25 GMT
x-mg-request-uuid: 438cafcc-f9f3-43ec-994c-a4ff5eb4d17f
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4aab202bf8-FRA
content-length: 17984

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS80ODUxMDAvNzllM...
s-img.steepto.com/g/17813391/492x277/-/ 19 KB
19 KB 368ms
365ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17813391/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS80ODUxMDAvNzllMzRiOWIyMTBmNTZjY2MzZTQ5MDJmNGUwYWRkMDcuanBn.webp?v=1700621503-sqkwYcq59u3a3ZWzIYhpEeIxLR0wZSC35yxEst_6_pE
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 761f02f9ce7edd7bb0135a674d27c64857cb58cbc31f83ef0792045607babc9e

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 09:26:11 GMT
x-mg-request-uuid: 6d6cc890-37cf-4151-95a1-30372bf66b5d
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b4d2bf8-FRA
content-length: 19450

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy83ODMzODUvYTJhM...
s-img.steepto.com/g/16675892/492x277/-/ 9 KB
9 KB 269ms
266ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16675892/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy83ODMzODUvYTJhMTgwZGYwMWZiZjE2NjIwZGU1ZmI1YTJkYTlkZDUucG5n.webp?v=1700621503-1vzNs7D8EEGxgg06QQK10x_T1u9RrN4UWdyNioZLJlk
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657e6dbb6cf905fa06929854e64618f0aee6d1c08804cef18fc01507833c0c7d

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jul 2023 12:34:10 GMT
x-mg-request-uuid: 14c86b73-e0ef-4122-9c5d-ee6cc3feadcb
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b4e2bf8-FRA
content-length: 9392

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvMGU2M...
s-img.steepto.com/g/16621568/492x277/-/ 13 KB
13 KB 252ms
251ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16621568/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvMGU2MjYzNDgwNjgxZDU4ZGM2MTY1NzE2ZmVlNzhhNWMuanBlZw.webp?v=1700621503-qMCV46U2SSFvpSD05kXpoddQ7D_73sCjOKc64DJ7pNA
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cdf7ea3b474c0386095c61755691af8545e472b38686666ef5f9854eb1180bb

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 08:06:05 GMT
x-mg-request-uuid: 043c89ca-27b7-4e50-ac23-fc1992e2393e
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b502bf8-FRA
content-length: 13368

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS83ODMzODUvYWNjM...
s-img.steepto.com/g/17776338/492x277/-/ 13 KB
13 KB 262ms
260ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17776338/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS83ODMzODUvYWNjMDYxMGY4ZWM4NWViNWRhNmJkZjljZDc1Y2FkNGEuanBlZw.webp?v=1700621503-1DAW7AMI1t7Tsy_gPSQO0WoP1uwITzC3wq21HymLdrQ
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92523548ecceb29bbc011a48c6fe3526ef1c02ac2f1e47fff371a936f8e1e5d

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2023 05:30:49 GMT
x-mg-request-uuid: 4b351ef6-348d-45a2-a6d6-9441403f7943
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b512bf8-FRA
content-length: 13006

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvNDYwY...
s-img.steepto.com/g/17550136/492x277/-/ 38 KB
38 KB 369ms
368ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17550136/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvNDYwYjhhY2IxOWNiYzVkNzRiYmZjYjZlZWQwOTU2Y2YucG5n.webp?v=1700621503-FbO7AF2XjWRr1YZNaYf85WNT3r_2ILiogbyIaUt9Aog
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5922b6df487a5aa8ed91b63e68202554f66a9ebcb44e675efb9e4548d6478a42

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Thu, 26 Oct 2023 08:15:06 GMT
x-mg-request-uuid: b7d338c6-a126-4bf8-a565-661aa7b451de
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b532bf8-FRA
content-length: 39178

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvOWIzZ...
s-img.steepto.com/g/16853281/492x277/-/ 20 KB
20 KB 378ms
377ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16853281/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvOWIzZDQ3MWM2MTIwZTM1MjEyM2YxZDhiN2U1Mzc4YmIuanBlZw.webp?v=1700621503-aFKUekm32mOFZGxiBqWdBLsN1K6N9INZF02Qzm05z8k
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785262c31960480e3ad1e1cd1df97203d954cb3ec895591d60b81c87f3670ed2

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 17:16:05 GMT
x-mg-request-uuid: 822e97bd-3c78-4786-97ff-dfde671cfdc1
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b542bf8-FRA
content-length: 20506

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAzLHlfMTgyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzL...
s-img.steepto.com/g/15627187/492x277/-/ 16 KB
17 KB 362ms
361ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/15627187/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAzLHlfMTgyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzQ3Mzc1NC9iYWU4OThjZTgxNmYwMGQxMjBhNzE1ODcwZWQ3ZWM3Mi5wbmc.webp?v=1700621503-srtOjINgwkvDd7hS3fOFlvEvYkfcLldsDzM05R5vQ2g
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb0633cf615d1950231a4713fec1be1dc1c879f872c45c4297186a2d1f7abdd

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Sep 2023 10:07:21 GMT
x-mg-request-uuid: 6fc48d0c-e165-4ee0-bfa0-e55d22cf0a37
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b552bf8-FRA
content-length: 16886

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8zODIwNzIvNTFkM...
s-img.steepto.com/g/17393159/492x277/-/ 9 KB
10 KB 248ms
247ms Image
image/webp 104.19.129.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17393159/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8zODIwNzIvNTFkMzA5YjA1MWU1YTBjZmY3ZDFjZWQwYjA5MWJmMDguanBlZw.webp?v=1700621503-GNCQEoX8jytAQVNULwoGnAxaIQfANPPBmG4i-Jc0Cn4
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66617fcfac12bced6e04696091cd32393af2643ef4f3069bb0b43528b2c932a9

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 10:49:08 GMT
x-mg-request-uuid: 9f6dd767-fb3c-4fde-8dde-d2741c133093
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 829ddf4b1b562bf8-FRA
content-length: 9636

GET
H2 206 f41f675d156dec0687499697959ac91f.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-11/348419/ 145 KB
145 KB 71ms
20ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-11/348419/f41f675d156dec0687499697959ac91f.mp4?v=1700621503-IP-p-Lexw9DpUZCPYUYteYzOGA5CApRmvUJC1wOS1jo

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e9f95e5f1a294713b1d0a6b74b479fe0207661f96dd19d85f43bcf299cd00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69666
Content-Range: bytes 0-148018/148019
server-timing: cld-cloudflare;mitm=c;dur=2282;start=2023-11-20T10:39:26.633Z;desc=miss,content-info;desc="width=680,height=382,abps=41892,fps=30.0,du=3.533,vc="h264",bytes=148019,owidth=1920,oheight=1080,oabps=940158,ofps=30.0,odu=3.533,ovc="h264",obytes=3321892,oformat="mp4";";cloudinary;dur=2253;start=2023-11-20T10:39:26.649Z,cld-id;desc=6796e13c4f7b6ed83dedb85dd259eca6
alt-svc: h3=":443"; ma=86400
Content-Length: 148019
x-request-id: 6796e13c4f7b6ed83dedb85dd259eca6
last-modified: Mon, 20 Nov 2023 10:39:27 GMT
server: cloudflare
etag: "090fafc2ce6384d28de14b51a8f9bc65"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 829ddf4ad8719bd4-FRA

GET
H2 200 i.js Show response
cm.steepto.com/ 0
39 B 279ms
258ms Script
application/javascript 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i.js?cbuster=1700621503138233077780
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/o/congdong24.com.1477392.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 02:51:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 829ddf4acd0135fa-FRA
content-length: 0

GET
H2 200 i-noref.js Show response
cm.steepto.com/ Frame 58E8 0
134 B 252ms
249ms Script
application/javascript 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i-noref.js?cbuster=1700621503145998588219
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/o/congdong24.com.1477392.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:43 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 02:51:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 829ddf4acd0035fa-FRA
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 155 KB
34 KB 171ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/o/congdong24.com.1477392.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c42b730ca713b035def0627103a30502f57f3cb92b70646cf3a4ec6fd167d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 16:21:00 GMT
server: cloudflare
x-amz-request-id: AQTC2DNCJ3SDM0S8
age: 933
etag: W/"9de400a88b1abbc0d9f732ed23122ff0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 829ddf4c0cbebbd3-FRA
x-amz-id-2: mBivylEsySb8x16sgT3Z70SM3OTgY/brjvo0BlpNn35AqMN41sTRhi9af5FzT55OrogvxWZOLGk=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 49ms
8ms Script
application/javascript 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/o/congdong24.com.1477392.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:43 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=136785
accept-ranges: bytes
content-length: 63913
expires: Thu, 23 Nov 2023 16:51:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 155B 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnMNgpvUBybeS1pj5mtkFEAE33yStlcGVh1IOHOG_N3zcp5UAQKTDPZNrowyhUmBrINrrS-v0Cd8917kUmD3w6mQCwZvOkzbYkfUa_KJRfAQCxsu7P&sig=Cg0ArKJSzPn_TSdlRRRcEAE&id=lidar2&mcvt=1003&p=0,0,280,930&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3375755801&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700621502022&rpt=341&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7F1F 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
279 B 40ms
7ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

5759d7f93cc66105913209060cfe8095589fa2242056a7b80dc1f1272230dc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://tin8.tinxahoivn.com
date: Wed, 22 Nov 2023 02:51:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
604 B 38ms
8ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e612247cea248e968a50348d1e33e09c6e2657a950d72c5e1cfc974e5ec73d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tin8.tinxahoivn.com
date: Wed, 22 Nov 2023 02:51:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E53F 151 KB
52 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/mobileinpage-mb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10cdf5dc56e03e5c6c2211aabde212b1ba6f9633a65d9307a20506551217d6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52751
x-xss-protection: 0
server: cafe
etag: 18195344374977597296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:45 GMT

GET
H2 200 infooter-mb.min.js Show response
server.zmedia.vn/static/template/passback/ 42 KB
21 KB 200ms
198ms Script
application/javascript 123.30.177.102
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template/passback/infooter-mb.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.102 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Byte-nginx /
Resource Hash: e3d88d1097801509f6160f41ea7ecf7ca2f2c32bc0f1ddae6179b6daed17b0e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:06:45 GMT
date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: gzip
last-modified: Mon, 14 Aug 2023 08:01:53 GMT
server: Byte-nginx
etag: W/"64d9df71-a887"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET zbkRHFtOdCUBC36clASnJg2MhSWle2OO4y3bjDQ7Du1yoqhe4A7JTihcE1lMFkuAZbOnoNSkCC6guN99C7qxcS5JJcG_ImbgW53ijbSRt2CxFZoVElSiCuDvqc9h7k3ixbTK0V0LsBWy2v5n3wy39MtijljuuDzeICzQHmKVhf0iiZSXEl7bj4TGSGT16gNx-Fy2M...
aj1559.online/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame E53F 397 KB
134 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com&bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e583cccb6f3c00a3e47ca6ebf1a9a6dbfc80377b313dd1ebfe6c8d207f22336c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137284
x-xss-protection: 0
server: cafe
etag: 15983745768756208340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B97 10 KB
5 KB 168ms
167ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185790&lmt=1700621505&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505619&bpp=4&bdt=67&idt=79&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&nras=1&correlator=8491574885203&frm=23&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fv2ac081ig98&fsb=1&dtd=105

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com&bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082c9d05f7fe8ee21d0bfdc99d5a5aed8716c9c66767b24a3c24c19da3b17171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4673
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E53F 16 KB
12 KB 23ms
23ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

522cdfddca073f959b2cf1aabcc191f7d2339c63f5859eeca079bb759a0d435d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12316
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E8D 47 KB
16 KB 288ms
287ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=7796836873&adk=4253876812&adf=3279755400&pi=t.ma~as.7796836873&w=400&lmt=1700621505&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505623&bpp=1&bdt=72&idt=118&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=270&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.l63iodch9xxg&fsb=1&dtd=123

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

540eccc097b2db7e156bf4b8b15600e3497097a624a4ea7c6e9fbe51263d991b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16793
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E53F 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 02:51:45 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B6B6 151 KB
52 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/infooter-mb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98fe33d2130caa95325db6eba43fc7048e2408485806288e3cc5a1e502ba2cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52755
x-xss-protection: 0
server: cafe
etag: 14997961037274654083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:45 GMT

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2b183bab67f6ccec7a73145d7553a3e3294d470b0d49bda1ee5de802b590394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 193ms
193ms Script
text/javascript 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: f532b1d4c30d3692c9d58690f83c1e9d2d17851ad0aecaccab8dbc8f00744440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
accept-ranges: bytes
etag: "0e2cf53331521857872cbf642fd34234a"
content-length: 37125
content-type: text/javascript

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B93B 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D2B 829 B
560 B 21ms
20ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1fbc1384d1f5de262407cb6486a6a4a6c8e42a2c505f514e3abbd81063d0eab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xHhLnoUc_ERuF4N-TjNE0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xHhLnoUc_ERuF4N-TjNE0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:45 GMT
expires: Wed, 22 Nov 2023 02:51:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B93B 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ Frame B6B6 397 KB
134 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com&bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c6ac4c92b43937d30f33e2ba301b56e55ad12aa721aa944b20da43196fa4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137294
x-xss-protection: 0
server: cafe
etag: 3119015768195782106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D2B 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=588912739335768&rc=
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F6C 10 KB
5 KB 159ms
158ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185791&lmt=1700621505&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505849&bpp=4&bdt=78&idt=95&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&nras=1&correlator=8491574885203&frm=23&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iqcjf49rzlez&fsb=1&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com&bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05bb48c83cd04e2a6ca75b34df1b99db6e9ffb6accdad2464019b831d74578b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4670
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B6B6 16 KB
12 KB 22ms
22ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5012e5915ecc3dd381c1b940bd08475818b4266e885e67bdc3cb5b50c9b12380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12297
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D744 34 KB
14 KB 268ms
267ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=5127037000&adk=1698990200&adf=3279755403&pi=t.ma~as.5127037000&w=400&lmt=1700621505&format=400x100&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505853&bpp=1&bdt=82&idt=117&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.zfishtrbytjc&fsb=1&dtd=125

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5baf440e8c9d9164da2534c19d4fca03c1dac650eae9e6377f39b8156f03259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14185
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B6B6 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 02:51:46 GMT

POST
H/1.1 200 zEV5exSqkrx8mNhILt2uT0HtDeo8yhnqSN8mYsNRe5xaps5lkqA_8C9Za4s4zE9S6IKagaiPIoL7sDpQbwZpsG8WsuIA4UR9Lby2pUUuiyoANJCeNlSg61XdDW0W2pJQx8_wVkOVx7wddD9uHAenGjG6uyu7ZzfqRUwRvEMkzfF5CqdfV_XJgd3DjCY3TIV4AebcP... Show response
aj1559.online/ 2 KB
2 KB 176ms
176ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zEV5exSqkrx8mNhILt2uT0HtDeo8yhnqSN8mYsNRe5xaps5lkqA_8C9Za4s4zE9S6IKagaiPIoL7sDpQbwZpsG8WsuIA4UR9Lby2pUUuiyoANJCeNlSg61XdDW0W2pJQx8_wVkOVx7wddD9uHAenGjG6uyu7ZzfqRUwRvEMkzfF5CqdfV_XJgd3DjCY3TIV4AebcPlc1jHIzkG85pQxDo_Xdl-TXMy7kHKg8j3SPQ-hSx0MrtejBjr6yY1OGeuRxyU821ywhpEpxpLblzTQbfGezsFkaYwNuiSVxdxcxNSoHwMo1PKfOa38uVoaBvxOwXMcwynokTKo10x-T1MFNC_tae6eKCJUCar78quDfIGYrGklI0gdTxR0D31v39DBxDg8lWlrDmT_F_mGUGD_zYRyFkMiSvRF7Ifx3tM9To5EQhajk1fkpHgsx0HU0_9mVB5dVSCgn2rxQEN6eM0OMnaSVhlRB6XXMRsV4T7kECua3OPboaH3MeGmL1?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 5cf2024d282e55ec897e474359cac86a34b8b0867d66ac4a03d88e61207dae9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:45 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
vary: accept-encoding
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tin8.tinxahoivn.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ptag.js Show response
tag.adbro.me/tags/ 33 KB
10 KB 82ms
17ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/tags/ptag.js
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 17:35:08 GMT
content-md5: Kre+pSjv/5704F++6Kckdw==
age: 872
server: cloudflare
cf-polished: origSize=62811
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 829ddf5cffca18e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 6hpc7txv.js Show response
tag.adbro.me/configs/ 1 KB
772 B 409ms
344ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/6hpc7txv.js
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68afb75b6ccc9da9157a54429bed57b3a0c42dc62c3e1fac10ac6490bb41a960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 26 Oct 2023 04:39:41 GMT
server: cloudflare
cf-polished: origSize=1817
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 829ddf5cffcc18e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tinxahoivn_mobile Show response
player.gliacloud.com/player/ 142 KB
46 KB 680ms
609ms Script
application/javascript 2606:4700:e6::ac40:c81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/player/tinxahoivn_mobile
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f186776222454940ba9c56f9b38ed47872a619c5542db6081d6306ee391ba88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: Public
date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 21 Nov 2023 19:10:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFiEO0qLIPDQOJokmqThnfFcCq3hGdRAY4lBQNXMOi%2FDOqPjDiW39falDC325asr26Hm%2Fp%2BUBoSTKqoDqXVJR9nngeDMRKhDRLGno6m0Gr3GD%2BTGEZnQrMwsKxYNiwKfZMX6LlKn7CiAlZD2ODaCqdYWaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 32ad16f9752e244b1a15f1dfcb53bf97
cache-control: public, max-age=900
cf-ray: 829ddf5d09162c57-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Nov 2023 03:06:46 GMT

GET
H/1.1 200 zlIO8IuUw1sq6_wF9oCQUscNzxDMN3thZXOsQVwV1pnwtSQ85WDfcXhllY6bYWXvHon1g4sYww_jLk5VcsyQSmnn5hep65lGl-tp3qxZRFXUd3fF_WclZkBr01B1enZm1a_uMQ9___cc-i4_75EWDRXOPoVetqnw6-0Z4Qk7GDO0FQySSjmXHX40TwF8bTWxfXE8h...
aj1559.online/ 49 B
512 B 98ms
98ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zlIO8IuUw1sq6_wF9oCQUscNzxDMN3thZXOsQVwV1pnwtSQ85WDfcXhllY6bYWXvHon1g4sYww_jLk5VcsyQSmnn5hep65lGl-tp3qxZRFXUd3fF_WclZkBr01B1enZm1a_uMQ9___cc-i4_75EWDRXOPoVetqnw6-0Z4Qk7GDO0FQySSjmXHX40TwF8bTWxfXE8hTK6YzcWLXH3nuLDL0AXK-t63PZ0o1KJoWx8o54jPgqj6e7Q7ORjSG8J8qT6Uy5c3qTzR-f2JcckCKFX5Z7B0jzNwqVsbz1FKQWLkOOTE-UQWRimRvFTq8L3jg3kW2cSS-t_oguWNDjsWRlG3C9XVL-DHPd8IdE8GL14jp4imIh6z_sEeGpSqrLQtLqcGAi2Yuy43fGqigaMDUCd_0d9WXZU?DC=DO
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:45 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B93B 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Iar99Q
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87DB 13 KB
5 KB 22ms
18ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1AF0 829 B
561 B 24ms
22ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6756b6bc99704347f59766ca80e7fa12e9aec8eec97e6626988300e14b484415

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-We_3KERvPvsRBC946ka24A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-We_3KERvPvsRBC946ka24A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:46 GMT
expires: Wed, 22 Nov 2023 02:51:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 33DB 51 KB
20 KB 18ms
18ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swQAL578CO9dUAAMEQinai0CCD9xV5P7nSg&u=%7CpJ3WQi6EmEdiwTPlB%2FFFnPbewXAkInM5e%2F5rJmgcXfE%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-6frMMVgtFyD9UEnP5zsHUdtRkd5vOLWBwF71FhG0uSmJXaBoAvoAonhebQaPtw_tcumgLl9mbFDrylQIqHxfPRUtk5ab8XU4BUP19yE7wCqEXWdEi_ayvNdXVsuxS4P4_FBvdhNtijMA8HVRCONQs8-QPp2gfKjHzORak7D-4l_j5BhSalyCqokb90zzu063Q3ZHL14yQL2xufsOb_pOwrjOLaSTigtOx7K2WlYob-ZC6VWl8rdY4B33CUNoMTHMJVsZ8HoFuctt-aJSIHrS9msWb-FU8Cz8qbn5Z43copClhgwiTjsfqqp920aRFpgLXZMHuQsRbpQwCtMYLulHw5IVAccYYYNhKgAnT84ssRw9bGduRSujj5swDL186xef_fBHLhiFwyGc1qcWEBM7wIsRxycChPmC-nbBflq8NWqaCqXLNIVa14ekOVxkby21WJweISZGz2bmprqOOmo-IDWLbtA90_Kc3Th5PXn0FZcyLzSLiJoc3krJPnQC3M13-xWxsFMazsmPgQlpn0QqD7JDj9VSKy2_qJVoiZj1DZtAflHjHh6eEgQo4npse0xDLM0GORgm6KNSDStAaBQaFCrRLsYAmobog&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO8lywWxdZb_PL9Su78EPwoiMmAXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSDAk_QJ_5eBNnm0Bej_21p_XmcODQPQtQZ0-0TeoVorGVMuM9IsbaDthvO__JCe1RL9I8Idrq-NVP4aIkvLLJVNgDm2gnBkIAXkOunP5UAPXzF-vz6zY2i_HXzgzOIRFmMwS5M6bUJL3wGogeOi1r82xN-gnJU0kx3G-GtjWwBpnlXa1Y99CsCe7ymmTXGWtI34DyXc-HW4SdUXG8LE4Jx0ochOEoZxzj_TJOk44SRiEyJcAh087n7YlScv8ik4FVQ32sqWU-V8C6PbQEJMk5fEfrAsdIAH15S9LdrkfnxSJ1M2mrFLzvNYMjT9EzzdLP04fsxKRpq7FbuBY77E6idVhn4U6mABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0iBcCvjoTX3pRROZ-iFAiPhqwmNA%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=7796836873&adk=4253876812&adf=3279755400&pi=t.ma~as.7796836873&w=400&lmt=1700621505&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505623&bpp=1&bdt=72&idt=118&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=270&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.l63iodch9xxg&fsb=1&dtd=123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6661e0f778cfa95a01dae4b440530bb6896ee3bd2f1126538839db07250fd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qz82R1XNKzKDm-lPAsnSP0DNYfwFRonCbzlsOjWAuLcPxY63RkWf0KKRiFIj7qSnowiPHrZ9JaFpvAjqwjyCb5DIqwTefjzeV-JHLaVH8v9q2CGEXj0sSOXLTIFQhkC843KMOSGBRIfdIwtFgsvyfTXxwhqFEcK_RBVKWSbtOciMnLfJgGWmffYkbuU1uJKstFUBHqcQKXb2U_ZU7MuntC-7DwoezCE4tq0Vk_gd0cW8kXrnXpXRMe6MFGqz5RYm497itA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3309158
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BE46 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3EE1 1 KB
643 B 14ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BE46 20 KB
8 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE46 202 KB
64 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1AF0 0
0 41ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3752036220882487&rc=
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 87DB 39 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
DATA 200
OK truncated
/ Frame BE46 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18d9eab148d96c000b63e05346bdbe0845f2c3bc3ebd158c116072c45b174f01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BE46 0
19 B 56ms
56ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0hOzwWxdZb_PL9Su78EPwoiMmAXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSAAk_QJ_5eBNnm0Bej_21p_XmcODQPQtQZ0-0TeoVorGVMuM9IsbaDthvO__JCe1RL9I8Idrq-NVP4aIkvLLJVNgDm2gnBkIAXkOunP5UAPXzF-vz6zY2i_HXzgzOIRFmMwS5M6bUJL3wGogeOi1r82xN-gnJU0kx3G-GtjWwBpnlXa1Y99CsCe7ymmTXGWtI34DyXc-HW4SdUXG8LE4Jx0ochOEoZxzj_TJOk44SRiEyJcAh087n7YlScv8ik4FVQ32sqWU-V8C6PbQEJMk5fEfrAsdIAH15S9Ldr0_vQ2h3fCldj_xwX7Og6UELUfgX-z-OzndJXSqRRG6Lji2IJdvCABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNjE5MTMzMDMxNTA4MjY0GAA&sigh=vK8HSd6lGYw&uach_m=[UACH]&cid=CAQSPADICaaNIaLJ8G5U0kkVGQVHH4CyE8jwEHm6QW26IlSBDQ9F3WC3PFrv4GzWAMHag0QRoQXwSnYic4_exhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=7796836873&adk=4253876812&adf=3279755400&pi=t.ma~as.7796836873&w=400&lmt=1700621505&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505623&bpp=1&bdt=72&idt=118&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=270&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.l63iodch9xxg&fsb=1&dtd=123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 02:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame BE46 0
126 B 111ms
22ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIb-GI-lBKwC2ASdg2ICAgAAALipd61HS4l1EMFsXWVx9IGj86ay9m-9AAASAAAKCkFRVUREd0VCRHc&wp=ZV1swQAL578CO9dUAAMEQinai0CCD9xV5P7nSg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 194766
server: Kestrel
content-length: 0

GET
H2 200 pto-mb.min.js Show response
server.zmedia.vn/static/template/passback/ 25 KB
8 KB 199ms
198ms Script
application/javascript 123.30.177.102
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template/passback/pto-mb.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.102 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Byte-nginx /
Resource Hash: 91412d7079f64f81e6943218fa890e5721b7c2d261cde6dd3c25b693a92c3805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:06:46 GMT
date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
last-modified: Thu, 24 Aug 2023 09:06:37 GMT
server: Byte-nginx
etag: W/"64e71d9d-6297"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET zHekuH9xQrZcB9Wpcql-eqUIXp8egFsgOwhQkYZc6FA2ZKcxVR0Kdh16l9EezVXe1yaskpZBCMOjyqF4vieoFIFZn8tl-c4ZELiLztzNj3LNrKlVWYMNudmt5yOS-Wh5SWvg4fCQ73ODSjM5vP0lb-kAIiTk9LnJCxBEOpSO_jX1wUxxVlLgM-l8yd8qug-dq-T-A...
aj1559.online/ 0
0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 33DB 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swQAL578CO9dUAAMEQinai0CCD9xV5P7nSg&u=%7CpJ3WQi6EmEdiwTPlB%2FFFnPbewXAkInM5e%2F5rJmgcXfE%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-6frMMVgtFyD9UEnP5zsHUdtRkd5vOLWBwF71FhG0uSmJXaBoAvoAonhebQaPtw_tcumgLl9mbFDrylQIqHxfPRUtk5ab8XU4BUP19yE7wCqEXWdEi_ayvNdXVsuxS4P4_FBvdhNtijMA8HVRCONQs8-QPp2gfKjHzORak7D-4l_j5BhSalyCqokb90zzu063Q3ZHL14yQL2xufsOb_pOwrjOLaSTigtOx7K2WlYob-ZC6VWl8rdY4B33CUNoMTHMJVsZ8HoFuctt-aJSIHrS9msWb-FU8Cz8qbn5Z43copClhgwiTjsfqqp920aRFpgLXZMHuQsRbpQwCtMYLulHw5IVAccYYYNhKgAnT84ssRw9bGduRSujj5swDL186xef_fBHLhiFwyGc1qcWEBM7wIsRxycChPmC-nbBflq8NWqaCqXLNIVa14ekOVxkby21WJweISZGz2bmprqOOmo-IDWLbtA90_Kc3Th5PXn0FZcyLzSLiJoc3krJPnQC3M13-xWxsFMazsmPgQlpn0QqD7JDj9VSKy2_qJVoiZj1DZtAflHjHh6eEgQo4npse0xDLM0GORgm6KNSDStAaBQaFCrRLsYAmobog&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO8lywWxdZb_PL9Su78EPwoiMmAXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAlNuIrwJT7I-qAMByAMCqgSDAk_QJ_5eBNnm0Bej_21p_XmcODQPQtQZ0-0TeoVorGVMuM9IsbaDthvO__JCe1RL9I8Idrq-NVP4aIkvLLJVNgDm2gnBkIAXkOunP5UAPXzF-vz6zY2i_HXzgzOIRFmMwS5M6bUJL3wGogeOi1r82xN-gnJU0kx3G-GtjWwBpnlXa1Y99CsCe7ymmTXGWtI34DyXc-HW4SdUXG8LE4Jx0ochOEoZxzj_TJOk44SRiEyJcAh087n7YlScv8ik4FVQ32sqWU-V8C6PbQEJMk5fEfrAsdIAH15S9LdrkfnxSJ1M2mrFLzvNYMjT9EzzdLP04fsxKRpq7FbuBY77E6idVhn4U6mABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0iBcCvjoTX3pRROZ-iFAiPhqwmNA%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 33DB 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 33DB 308 B
636 B 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 33DB 293 B
621 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 33DB 43 B
347 B 18ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=q_5Hrewcv_GlTWSopDseKdwo2Kzj4gp0h5TSKwzCdpbeYUjOY3F8-jFOP3lmlPVZL6tAGOIrSOI-jiehu8MXIl_Maex9vWxu-qJdpG5rtckwgwRF16vB6202_u9tIi23BiSPLXBZNvbZ0cFWHf6jkkkWc4SX_MikrJB3jV3Zak8stNcvyyFASWx6omICkVQzxRBsgafSxsAPOLbMnH-pwiYpkUE980AaypSlHrRINXY9LLigFuk4S153ZSyPigF2-CRKt_DYePUe14g5Ij8G-KZCRIrTrcFoJuq0rew2RvTkVgdebmWYTFuszdJ27VvXfXsu2Gvir9kK0BQWNneMWKl8z9trW9NvCtWevGRJTXNnr9wwj12ALt9T3KAt8Z0vqGS3cYRhOJrrqCLTRSxZQwVDaF9XOTBmS565SC0ZUBB7PIvx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1796935
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B31030449.381333670;dc_pre=CJSeoebM1oIDFRsVVQgdqS8ASg;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405947528c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/ Frame 33DB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405947528c;dc_lat=;dc_rdid=;tag_for_c...
https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CJSeoebM1oIDFRsVVQgdqS8ASg;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405...

42 B
246 B

28ms
26ms

Image
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CJSeoebM1oIDFRsVVQgdqS8ASg;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405947528c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1?

Requested by

Protocol

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CJSeoebM1oIDFRsVVQgdqS8ASg;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc1dbd3462f4d8ad7405947528c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 66e9a49205f24c909c2b91c4bb3b5844_image_ad_300x600.jpeg
static.criteo.net/design/dt/13426/5099577/ Frame 33DB 196 KB
197 KB 20ms
18ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/13426/5099577/66e9a49205f24c909c2b91c4bb3b5844_image_ad_300x600.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

71758e5b7948e62d1c2854ad59d2f67fd38be6fc1b46b278125456f9da5cdec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Nov 2023 14:09:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65522e34-310f5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 200949
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D744 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=5127037000&adk=1698990200&adf=3279755403&pi=t.ma~as.5127037000&w=400&lmt=1700621505&format=400x100&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505853&bpp=1&bdt=82&idt=117&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.zfishtrbytjc&fsb=1&dtd=125

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D744 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D744 0
0 17ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw9iudRKT6b_63fJVaIfdU8jU493hhqtYPtQdlBmfKqQYJsFa3wnRMJ2oRv4KhOp5egtosqM3LEcSSkwoBR0Hr_f2xow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=5127037000&adk=1698990200&adf=3279755403&pi=t.ma~as.5127037000&w=400&lmt=1700621505&format=400x100&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505853&bpp=1&bdt=82&idt=117&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.zfishtrbytjc&fsb=1&dtd=125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D744 202 KB
64 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3EE1
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDGpJHs-WQNKERRbOqQbm5E&google_cver=1&google_push=AXcoOmRa5GygjQvhEk4-uJX1XC-T97azAPdFPv0COQwvpQFL-oPOKJ-iK1...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRa5GygjQvhEk4-uJX1XC-T97azAPdFPv0COQwvpQFL-oPOKJ-iK1rN0jNQBxyMkCBf5z4mu3_c3J3Wlt5aotYMw8gseKQdnXA&google_hm=BelqEaaKz...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRa5GygjQvhEk4-uJX1XC-T97azAPdFPv0COQwvpQFL-oPOKJ-iK1rN0jNQBxyMkCBf5z4mu3_c3J3Wlt5aotYMw8gseKQdnXA&google_hm=BelqEaaKzc9zpbxl49j70A

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRa5GygjQvhEk4-uJX1XC-T97azAPdFPv0COQwvpQFL-oPOKJ-iK1rN0jNQBxyMkCBf5z4mu3_c3J3Wlt5aotYMw8gseKQdnXA&google_hm=BelqEaaKzc9zpbxl49j70A
pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 3EE1 43 B
474 B 237ms
235ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnMIR4Xwz4hSsopmDCMbmg&google_cver=1&google_push=AXcoOmT1W639pJya5g-x0wkOPP-qYck3L_yOZh4CoW-Xn2PearjzwOEp_QuWrUkP7vTGTOPViNIC9E7vjqHM5sFWwZx-dArIVthKLA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1W639pJya5g-x0wkOPP-qYck3L_yOZh4CoW-Xn2PearjzwOEp_QuWrUkP7vTGTOPViNIC9E7vjqHM5sFWwZx-dArIVthKLA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=7796836873&adk=4253876812&adf=3279755400&pi=t.ma~as.7796836873&w=400&lmt=1700621505&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505623&bpp=1&bdt=72&idt=118&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1001760996&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=270&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=588912739335768&tmod=513809925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.l63iodch9xxg&fsb=1&dtd=123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ddf5e5e4730d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3EE1 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmStPsMTkvN3zqgjJUkKIIsOkkkpeGw3_F6iJ8pwpDdql79eQUD4VFHeSvDcz54FYKKOHifGgRPSo_bK2lCSezg_cgw4-RY_-J8&google_gid=CAESEDExZbsKfA1Jqw33cVbrH-E&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 264905
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3EE1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74ujO...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYyNjM0Mjc4MjgzOTQwOQ&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74u...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYyNjM0Mjc4MjgzOTQwOQ&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74ujO1UsV_gJLxnwiRLvDlasHGg

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAyNTYyNjM0Mjc4MjgzOTQwOQ&google_push=AXcoOmQ3d0J3tHd757ONcyhtnSRO1VlgAPJIXVIaXT5BXaZNrnkwZFQI-6F6njc1G7sNex1_EEf74ujO1UsV_gJLxnwiRLvDlasHGg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3EE1 0
12 B 15ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGpu1Kr8qftKacTToG4HXILVEYxFMgxVKbLH0XC4WLIT4rT_24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D744 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbwoxwmxdZZZswKjvwQ_D5J3QD8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYxOTEzMzAzMTUwODI2NMgBCakCU24ivAlPsj6oAwHIAwKqBIACT9CzxQ75Z7hg0_OFli514WDgviBZou1Lk1iJ0i1sC-KhDgj22gAlTKNCulkfGSypEDJOhmgFnpIOA83-UVZ7gW9M-Qe4auM7JtI-TcfmFGZUmG36X8HfzB3Tk_hT6LoBkbD7uTKLj7IWFXlsQhfFqllWRYB2eyY0xGKXN4fAlEetZnlEFRQiKo_NpuQOS20x9FvYchs_399usxCIgl4pECssCya9-Scmh1Ref3whjB7kfvPCwlWVwMAftzXtejuIJSkxsQS407pyhqXImsdsHzCK6dSfnrEHxdEGq0O2YqSK_AwV3Dd-r-9D0HHbFE3ktfO4NvfpCw05pR8i8760EIAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNjE5MTMzMDMxNTA4MjY0GAA&sigh=sufNx3WLTng&uach_m=[UACH]&cid=CAQSPADICaaN5OvRCUP_2sSuGWKpxpU79Xd3d7z-3TmXkYwwYucXMDFeM6aZwtmEt4vquh_5wer-CbOaDl9yABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=5127037000&adk=1698990200&adf=3279755403&pi=t.ma~as.5127037000&w=400&lmt=1700621505&format=400x100&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505853&bpp=1&bdt=82&idt=117&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.zfishtrbytjc&fsb=1&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 02:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame D744 0
0 27ms
15ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFcz6RJADZJ2DYgICAAAAKethLCR3cG4QwWxdZe3pJ1n7px8wDkUAABIAAAoKQVFVRER3RVBEdw&wp=ZV1swgAANhYCO9RAAAdyQ7t2LzkEJ5wwQm8z4g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 166553
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame ACF6 131 KB
46 KB 59ms
52ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swgAANhYCO9RAAAdyQ7t2LzkEJ5wwQm8z4g&u=%7C6Sb4jh4xxyFgxZZ2BQ%2F7UF7RjwnoFBj5I0hRsebIDgU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ72leTwqgY6guWqjNQgREAb3nIYp8tsl44QXofZlvf7cZsXaO4_3bD6klSWmjl6LogidWxxow6fs_CMKuzKNsAkFck--u5tvqlvcidS-BQMnxfwg3zik-S8EvBO26Otuki_fVo37GL16pjp9em4TFHU6d51Y4q7EO3H2AFzdTPZGIyoMhymnZ6NNLmifytjvRlrvVm8YK2u9A6LGuFesjZDE9Agd6eFDFkAzc4n341ZDLMifWpVlpVwyyNuxc6fo7jhCu1PkoyJ9ooyVXKjdHfnq88Vv6m70JAvZedJyLzsQRXUdS-Y9aN5UnHHW-yxSxTaCUh3z7ntgG-tcEYLwihyQvGVo8whETnof2tbo05DGY7Rgf14Ktmh2Fwx2qkDA1_mISpUmzQvdzO7ndFkkDJombXf9ZVhw2BvXXw6Tck0IxU3xL_VL12PHhOuYCY7bvWFT8ifqRsgblTV5-DJCfARGGIH8WMCYukz7hh5cCi5Xl_dRPEH7eClBYlejbxIWc42ea2lJglH3Y_1XlD3lHO9kDJ_PPhs9bANqKc0h30a&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7uIwmxdZZZswKjvwQ_D5J3QD8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYxOTEzMzAzMTUwODI2NMgBCakCU24ivAlPsj6oAwHIAwKqBIMCT9CzxQ75Z7hg0_OFli514WDgviBZou1Lk1iJ0i1sC-KhDgj22gAlTKNCulkfGSypEDJOhmgFnpIOA83-UVZ7gW9M-Qe4auM7JtI-TcfmFGZUmG36X8HfzB3Tk_hT6LoBkbD7uTKLj7IWFXlsQhfFqllWRYB2eyY0xGKXN4fAlEetZnlEFRQiKo_NpuQOS20x9FvYchs_399usxCIgl4pECssCya9-Scmh1Ref3whjB7kfvPCwlWVwMAftzXtejuIJSkxsQS407pyhqXImsdsHzCK6dSfnrEHxdFEqWIk4jdawarF--3yjwbn3lbRokfKrXEM_spP-bIniQe6OSqU-Ru_j4AG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-Iw0bvhEtPZ_UHrVdr5SrmV98cw%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b4c1a913035deba9a588514fc9ef13eba470be118d5c6abb18ef711b8f77da77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-L_1nlXNKzKDm-lPlXEMT-P2giJy2P6q_WSQUaFcpjDQxjLjdO5ZoxurJeVWCXD7PwZ3YUiU14urykYaIFQ9iKXm9mmhrqY1Ixc3hkL5MRulF8-7Jdsd66cQbClrMxtlO2LAfHVHtuerOxgJB4eaZr1dw5pD3Y1ns7AUOokoSJqezL3s7NOWhiQGsgiuqAEBhOqG0ZLb7J9uNydeNVIGUItHv7RSM3oLBCPuehoCVkCKMb1QVL8tOllaPewb2Iy4PyazeQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 39309005
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5552 1 KB
643 B 11ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 33DB 0
127 B 15ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=qz82R1XNKzKDm-lPAsnSP0DNYfwFRonCbzlsOjWAuLcPxY63RkWf0KKRiFIj7qSnowiPHrZ9JaFpvAjqwjyCb5DIqwTefjzeV-JHLaVH8v9q2CGEXj0sSOXLTIFQhkC843KMOSGBRIfdIwtFgsvyfTXxwhqFEcK_RBVKWSbtOciMnLfJgGWmffYkbuU1uJKstFUBHqcQKXb2U_ZU7MuntC-7DwoezCE4tq0Vk_gd0cW8kXrnXpXRMe6MFGqz5RYm497itA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 33DB 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 33DB 2 KB
1 KB 23ms
22ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame ACF6 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swgAANhYCO9RAAAdyQ7t2LzkEJ5wwQm8z4g&u=%7C6Sb4jh4xxyFgxZZ2BQ%2F7UF7RjwnoFBj5I0hRsebIDgU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ72leTwqgY6guWqjNQgREAb3nIYp8tsl44QXofZlvf7cZsXaO4_3bD6klSWmjl6LogidWxxow6fs_CMKuzKNsAkFck--u5tvqlvcidS-BQMnxfwg3zik-S8EvBO26Otuki_fVo37GL16pjp9em4TFHU6d51Y4q7EO3H2AFzdTPZGIyoMhymnZ6NNLmifytjvRlrvVm8YK2u9A6LGuFesjZDE9Agd6eFDFkAzc4n341ZDLMifWpVlpVwyyNuxc6fo7jhCu1PkoyJ9ooyVXKjdHfnq88Vv6m70JAvZedJyLzsQRXUdS-Y9aN5UnHHW-yxSxTaCUh3z7ntgG-tcEYLwihyQvGVo8whETnof2tbo05DGY7Rgf14Ktmh2Fwx2qkDA1_mISpUmzQvdzO7ndFkkDJombXf9ZVhw2BvXXw6Tck0IxU3xL_VL12PHhOuYCY7bvWFT8ifqRsgblTV5-DJCfARGGIH8WMCYukz7hh5cCi5Xl_dRPEH7eClBYlejbxIWc42ea2lJglH3Y_1XlD3lHO9kDJ_PPhs9bANqKc0h30a&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7uIwmxdZZZswKjvwQ_D5J3QD8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYxOTEzMzAzMTUwODI2NMgBCakCU24ivAlPsj6oAwHIAwKqBIMCT9CzxQ75Z7hg0_OFli514WDgviBZou1Lk1iJ0i1sC-KhDgj22gAlTKNCulkfGSypEDJOhmgFnpIOA83-UVZ7gW9M-Qe4auM7JtI-TcfmFGZUmG36X8HfzB3Tk_hT6LoBkbD7uTKLj7IWFXlsQhfFqllWRYB2eyY0xGKXN4fAlEetZnlEFRQiKo_NpuQOS20x9FvYchs_399usxCIgl4pECssCya9-Scmh1Ref3whjB7kfvPCwlWVwMAftzXtejuIJSkxsQS407pyhqXImsdsHzCK6dSfnrEHxdFEqWIk4jdawarF--3yjwbn3lbRokfKrXEM_spP-bIniQe6OSqU-Ru_j4AG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-Iw0bvhEtPZ_UHrVdr5SrmV98cw%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame ACF6 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame ACF6 308 B
636 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame ACF6 293 B
621 B 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame ACF6 43 B
347 B 16ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Z3z6eqRzlhMQdFW_JiL47eZmYYhjmZXcG2Motqr5ufgxcHEW-2WJYlhutoTQxaws6SicxEmEWKtosWrk2ig8vfizU1iFPW_F5KMhuVhg6Af9r2czHdLi5bGbPET_K6lNW3TX2J6Om-rf6aXAkfw2G9y4CP1DQY1W4Bs-BsVsJ1ISZqrp6WjUl0CJW3mG6WHbK3mEGMdGV1zUWfql8enw8AjFuxJ0CqUNjUYkiMuHUUBnvqKysfzJega81ZpuHiL0iccO0ycXfp_OzKzNW92r_E2PELmlz_MLprkJpQfjSc3JTT9B6xDamOja4SxVcoxY2o-L1E_OszJnd8XUCpTVW-WTzETuIMXFLRZfM6dOGn-OKCmEmvdvASSlUg7Z7-mcmChIkMjlvIE4-j6cVapY7qywQe_PTAAPR7VpDWk59XeQz3P5JhatrPwagqncUNb1mw3rdw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2006936
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D744 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b5be406a39bb8d975ff8a89207196896c4fe81c9d9e9b1eabbdd0d74474e6d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5552
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDGpJHs-WQNKERRbOqQbm5E&google_cver=1&google_push=AXcoOmQf5OL41kMyEmnusOP1pKpiPmTM5bqeCpIKrOBavlZ1P0e6QrEr8U...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQf5OL41kMyEmnusOP1pKpiPmTM5bqeCpIKrOBavlZ1P0e6QrEr8UWqo5RyDTbdpwG_ejVuo_Q5ocMIvPlkQ8T2qpsR1XF4&google_hm=BelqEaaKzc9z...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQf5OL41kMyEmnusOP1pKpiPmTM5bqeCpIKrOBavlZ1P0e6QrEr8UWqo5RyDTbdpwG_ejVuo_Q5ocMIvPlkQ8T2qpsR1XF4&google_hm=BelqEaaKzc9zpbxl49j70A

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQf5OL41kMyEmnusOP1pKpiPmTM5bqeCpIKrOBavlZ1P0e6QrEr8UWqo5RyDTbdpwG_ejVuo_Q5ocMIvPlkQ8T2qpsR1XF4&google_hm=BelqEaaKzc9zpbxl49j70A
pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 5552 43 B
639 B 169ms
163ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnMIR4Xwz4hSsopmDCMbmg&google_cver=1&google_push=AXcoOmSxxVO04PuVBkaLhWpOarlPUjhmm407vx2HhN6GXDp0wvk2F8VrjdgBiHjcMTwYEQ_gChgJTiaaQQiqNKWD5IGdOE_dEkdPjg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSxxVO04PuVBkaLhWpOarlPUjhmm407vx2HhN6GXDp0wvk2F8VrjdgBiHjcMTwYEQ_gChgJTiaaQQiqNKWD5IGdOE_dEkdPjg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=5127037000&adk=1698990200&adf=3279755403&pi=t.ma~as.5127037000&w=400&lmt=1700621505&format=400x100&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621505853&bpp=1&bdt=82&idt=117&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621506&ga_hid=1046684914&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=2284155398&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C44798934%2C31078297%2C31079699%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3752036220882487&tmod=1255810988&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.zfishtrbytjc&fsb=1&dtd=125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ddf5f7ccd360e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5552 43 B
362 B 20ms
9ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRdRJSWpTO2w8HHHXsAvRyS6YBuVcJ4e-8TqR9yrnFSinwu72Hj4eDI9ddD1NPwfI5ZltUgEBkU6SRiI4RUnyV5MTAL6kq-&google_gid=CAESEDExZbsKfA1Jqw33cVbrH-E&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 204093
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5552
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmRRzQ1f7bBqRynrFaIcse5BWRtgVUiPDgiJohCE5MYfGvGgIBdDw6ehlHHXtASACOInazxPWP9S...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmRRzQ1f7bBqRynrFaIcse5BWRtgVUiPDgiJohCE5MYfGvGgIBdDw6ehlHHXtASACOInazxPWP...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmRRzQ1f7bBqRynrFaIcse5BWRtgVUiPDgiJohCE5MYfGvGgIBdDw6ehlHHXtASACOInazxPWP9S9DRuqMXsk7hRIngkowpPHw

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmRRzQ1f7bBqRynrFaIcse5BWRtgVUiPDgiJohCE5MYfGvGgIBdDw6ehlHHXtASACOInazxPWP9S9DRuqMXsk7hRIngkowpPHw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5552 0
12 B 22ms
17ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRE-ZG9Og0nSBLkGEkPDh0-1ZeKhPx6pghvmNVipUJckO702ja

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame ACF6 12 KB
5 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 854316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK5uXl0%2BJrCN0AaCrcsF40ypj4QCeFEbdvbaZYp7F2gC0vIfGYrcUznNV2mzK0C5Pa4jHll1wMbc%2FOIcQWyFYhaLORAjZ2MT8ibNlJUzWDLP1PipZoN57Wp89LLzVSwIm7c%2F1qvkJYI1ecauB0pctKHV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829ddf5fcfa43722-FRA
expires: Mon, 11 Nov 2024 02:51:46 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame ACF6 12 KB
6 KB 14ms
13ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 137ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/pto-mb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 01:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3728
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 03:49:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ACF6 2 KB
2 KB 16ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=196&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F4848686%2Fec0a6f3a4f4b4a0f8eb4a29df22d2d97_500x500.jpg&v=3&w=196&rid=4&s=YabdWrUfdDm4jRtIvRXzvVyE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1e3bf3cdbc12d525705deac223abab07c46073686eb005158c29fbca6ba9ed03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2026
expires: Mon, 11 Nov 2024 02:16:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ACF6 55 KB
55 KB 16ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F5095700%2F122b92f6497c469da389e115198bc0b7_1200x628_prospecting.jpg&v=3&w=1200&rid=4&s=jnXyW_rw8A1wbvl0Xd8Y4mpt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

282909584e99989f050e2f0a3a2beac7e9cd9dcbb1094db3218097c886cec23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55968
expires: Mon, 04 Nov 2024 13:36:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ACF6 15 KB
15 KB 14ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Fproducts%2Fcollectionspage01_57d1b843-fba1-4352-8c92-a9b784b2654f.jpg%3Fv%3D1679550294&v=3&w=400&rid=4&s=G1z_Gd1isgEdkpBGVxErG9ky&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d76f694e104604d4f1efd87fb907d18ffc3a35629112df6b9d10dbd03887a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15048
expires: Mon, 28 Oct 2024 15:52:59 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ACF6 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=-L_1nlXNKzKDm-lPlXEMT-P2giJy2P6q_WSQUaFcpjDQxjLjdO5ZoxurJeVWCXD7PwZ3YUiU14urykYaIFQ9iKXm9mmhrqY1Ixc3hkL5MRulF8-7Jdsd66cQbClrMxtlO2LAfHVHtuerOxgJB4eaZr1dw5pD3Y1ns7AUOokoSJqezL3s7NOWhiQGsgiuqAEBhOqG0ZLb7J9uNydeNVIGUItHv7RSM3oLBCPuehoCVkCKMb1QVL8tOllaPewb2Iy4PyazeQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ACF6 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame ACF6 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BD2F 150 KB
52 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/pto-mb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30c113f613cf35756f4823cc184ee9479e922f79a4df544ff08a4f002982c3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52723
x-xss-protection: 0
server: cafe
etag: 6379586071466384011
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 87DB 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?omZPzg
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E53F 0
0 47ms
45ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=588912739335768&bg=!-Pul-7TNAAZxrfrxUa07ADQBe5WfOOe6OhSDt618Tpyjjq27MirToOK4KYAmxtvsHBB7sq1H-78jEpsiIMtOk4wPvVhKAgAAAPNSAAAAA2gBB5kC1BKUrTG_N-zKY1gOQwq27nbFnI0vjHdDqoCrTbePhrtsT9E6_m9ry9OXzX5Scxk-ApFxZZcsn_i-1oaUrTatLwwzPB0-dGB1zAJJoLvTN7YfN9Z-0aOQ1wFaUMNwHSKJ1fdMRjsZxYfh9tSe5kVCMEl_TcW0l7ySk7NCauIKSvw2aR7IHwuskLJkgLqGtwWEdK47fIsNUtqGi-vHPsQ2Ltp80jLzSZscOvWSqnipguePFE7GQ1iSyZNrXFRsrL_OaIumbAunAHHzSYStEp6VhPXXSNLssojJUQvWAae7tQjG8VVlIDYCKfVj16FYdqRAwP6ZMNXhZnuopYr5hX4YQZYkwE2WWpmKqS5St0FPx9mmq3cmJA33rLwbUR4vRygfWQy1Ap2gyPoo8IGj1G_kqlbu8awFd1sAHtk7amdKKiJY3Gj7xzLu94vDint9KyEnOJmrbjXnnASZinxcbKi2HzWkhPlp9ygxq-OB18--LZ2fjMUTgoC1OKLHjwkQNkigZCnbuosiyh0W3GrGVflN-e13prWn0voiScQ6OsBsB8aNmvOC239hIBlV8Nq9N25Ai8zFrCEnDqG-l_nCciy_Q5hh9BAoQTAH-jch_X94qVJ36eV1rHRPW9TUhXHTOKzXe3i7exr6ANPDijaWzYx4p_XJ9CmxOuS5Y5wst61XJGVYtxZ91utP3aToErt4O1JB3qm0iTfBcGzqy0du1Cy49pQr5nXK9CqJ4w2b9CmK9E4MolZbYEAqcg0ODsdJjczPy05XLsGaZu4o5reeQJylh3M8Hz6cWfQInCrcK5E7saJnnIOVQD5zV8E-8njCEypwMPqWGS8mPk4Xf9h5PwsDSKhFSSkjcovk23G10TzfYJLiTve0hNjKlt-s-mD4azMy0hF3mRw_06COTfjcmcpMOSCsivKG3LIADp5HcC-iN38HsoaWfwaAMx2mfCsadq_-prusIKo
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame ACF6 2 KB
842 B 18ms
17ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame ACF6 2 KB
841 B 13ms
12ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame BD2F 400 KB
135 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=tin8.tinxahoivn.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a93042efe84eda6176a528caaec7f60ba035a030f28af080201217480c6eaa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138528
x-xss-protection: 0
server: cafe
etag: 10814088383851117303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 18ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1401417511&t=pageview&_s=1&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ul=en-us&de=UTF-8&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=tin8.tinxahoivn.com&cs=PTO_MB&cm=&cc=&_u=YADAAEABAAAAACAAI~&jid=501842513&gjid=287675312&cid=1730419367.1700621501&tid=UA-206083988-2&_gid=1412156452.1700621507&_r=1&_slc=1&z=890798758

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tin8.tinxahoivn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 10ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1401417511&t=event&_s=2&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ul=en-us&de=UTF-8&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=tin8.tinxahoivn.com&cs=PTO_MB&cm=&cc=&ec=tin8.tinxahoivn.com&ea=PTO_MB&el=google-ads&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=1730419367.1700621501&tid=UA-206083988-2&_gid=1412156452.1700621507&z=1363589832

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:52:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79181
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 11ms
9ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1401417511&t=event&_s=3&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ul=en-us&de=UTF-8&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=tin8.tinxahoivn.com&cs=PTO_MB&cm=&cc=&ec=tin8.tinxahoivn.com&ea=PTO_MB&el=google-ads&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=1730419367.1700621501&tid=UA-206083988-2&_gid=1412156452.1700621507&z=428969835

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 04:52:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79181
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
76 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ3GKRX&l=gliaDataLayer&cb=170062

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/tinxahoivn_mobile

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d29b8ee817ab19b9d55ac96fa742ce033340d1ba318e940b9d1f682b6c90b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77608
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H2 200 gc-instream-plyr.js Show response
player.gliacloud.com/p/embed/ 492 KB
141 KB 30ms
28ms Script
application/javascript 2606:4700:e6::ac40:c81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/tinxahoivn_mobile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c313444e7c1c2abcefd1f50d26d0fcc72c453571db6b961aab1b27671347e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78513
cf-polished: origSize=503466
alt-svc: h3=":443"; ma=86400
pragma: Public
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 05:03:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFaqxNXuI5sddaemueJpeI3W5am4ghW%2BSbRVJcqm33Nqb2RVbjAi2CvSQXjKGTT%2FgD1Bnm3GFn9jUT%2BLWL7%2F%2Bljk4lddehuRfKzFUPWtd%2F48qeJRGOkxNHOispCeNpRJrZ0G20BVoRxsdWD3FCw3giCGHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 8d7aeb9384c1043df0ecb1693267db42
cache-control: public, max-age=86400
cf-ray: 829ddf61db862c57-FRA
expires: Wed, 22 Nov 2023 04:32:19 GMT

GET
H2 200 gc-instream-plyr.css
player.gliacloud.com/p/embed/ 63 KB
10 KB 20ms
19ms Stylesheet
text/css 2606:4700:e6::ac40:c81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/tinxahoivn_mobile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfedb61a9841307009dde0dc42b94db8b4784c7947d5bdd9b46591d7b60a433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76881
cf-polished: origSize=65592
alt-svc: h3=":443"; ma=86400
pragma: Public
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 05:30:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dw4%2BpMgH5g2UJx%2Bafc417z%2BTK7gb6FTqpur7%2F8fQYEk53xvG3HHwGZOK1OlixPX2Dk3aFFkX48U3il8xYc9MQXYedXxKjltWZqV%2FOw8zWom0YMClxcCOwtBkA9RrucONBO2msJvKF4%2BYlFxuZMFbokufQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-cloud-trace-context: f9b0ccecaed820c9baea798cca857546
cache-control: public, max-age=86400
cf-ray: 829ddf61db842c57-FRA
expires: Wed, 22 Nov 2023 04:21:48 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media3/ 43 B
191 B 318ms
269ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=3273056493&payload=ea%3Dloader.init%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET partner
sync.search.spotxchange.com/ 0
0

GET
H/1.1 200 zOoHOlLhXCLgMTD9ETOm5fn9hQDvWSV9WqwAUGA_PvOvGw9WzKbwHTotAdHeaLusfp3bWYu2FXy8-XQhmoMbpKolJiABJm7JraBeej7fB3HSGJanKMt_TMwvFks2YG6ajUU_YPz__WlK0Z0omTk8ezRO_62AYdYPp25tOuNWHZX2ULRkdqUSAQLNDVjP8ljkz18mQ...
aj1559.online/ 49 B
512 B 97ms
97ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zOoHOlLhXCLgMTD9ETOm5fn9hQDvWSV9WqwAUGA_PvOvGw9WzKbwHTotAdHeaLusfp3bWYu2FXy8-XQhmoMbpKolJiABJm7JraBeej7fB3HSGJanKMt_TMwvFks2YG6ajUU_YPz__WlK0Z0omTk8ezRO_62AYdYPp25tOuNWHZX2ULRkdqUSAQLNDVjP8ljkz18mQNT7FkG7F-ipRYdALy8OAK8ZTISljoFg1BbQWM8UPStktuxX9YTuqbDSxYpDA3r6eUkGZjDW1HZdOa2MlZJl2kSVw40PD7BT7tLEjBl2eAyX0XAdtwxsRgHYdsJu9OMo4omcSOfXlQA1NxcC5KSZr0cJqhZWlRedbw8zy7mgMgsWHbUIFpIJt_8pECgNaZCDVMKPTq3U5bJYBkcKdZEg20YQ?DC=DO
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:45 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame ACF6 15 KB
16 KB 21ms
20ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame ACF6 15 KB
16 KB 17ms
16ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
666 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 02:37:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 120 KB
33 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap&subset=chinese-traditional

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 01:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
744 B 43ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 02:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 42ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.216a28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 02:51:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 02:51:46 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F508 10 KB
5 KB 143ms
139ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185784&lmt=1700621506&plat=1%3A16777344%2C2%3A16777344%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506729&bpp=11&bdt=159&idt=242&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&nras=1&correlator=8491574885203&frm=23&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5tocj0h34652&fsb=1&dtd=268

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5cf56243bee2ac91116a2f2a84491969da7f18d808d3a42029401fc69d66bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4672
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD2F 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sp-pto-mb-div&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD2F 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sp-pto-mb-div&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BD2F 16 KB
12 KB 20ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30a010f4324b08015f4ba8af4478c87b037b35cb12aecf09a69cf94dd72e82ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12316
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0348 48 KB
17 KB 120ms
119ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01c2dde5b16b6d93b60d1b5e15169b2a3b23ddc34ff368dd420fa390a51c043a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17477
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BD2F 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 02:51:47 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media3/ 43 B
93 B 287ms
286ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=30640377&payload=ea%3Dslot.init%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media3/ 43 B
93 B 269ms
268ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=062483733&payload=ea%3DcustomScript.beforeLoaderInitDomStart%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 tinxahoivn.com%7CCDN Show response
player.gliacloud.com/playlist/ 3 KB
1 KB 203ms
184ms Fetch
application/json 2606:4700:e6::ac40:c81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/playlist/tinxahoivn.com%7CCDN
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee2f0e6c65fbbab5b25dfd4098ef08319e32220611c30abc25e10aebc47d993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: Public
last-modified: Wed, 22 Nov 2023 02:51:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlEFr7FCBdPgb7T0jUOBIpwefg09w%2BGPvCpFFhQwoeVEAVdmxa3%2Bptnj7HBwK6G7TySeXR44jigiW8h1OsEsHSAt2Ll8AC%2Bc2ZXTjzxn2NZDlaH2Hdw5ZuxmKU3nscTQMZ%2BzGaJwHiPBOcoKEBiObdDSQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 44bf8f25c50577ccec685005a1990277
cache-control: public, max-age=900
cf-ray: 829ddf63cd3d9b43-FRA
priority: u=1,i
expires: Wed, 22 Nov 2023 03:06:47 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media3/ 43 B
93 B 270ms
268ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=682970749&payload=ea%3DcustomScript.beforeLoaderInitDomEnd%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
93 B 285ms
283ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=70675394207&payload=ea%3Dplayer.init%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 497F 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C556 829 B
558 B 19ms
18ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bae027b49606df97113d61a72c4dcca2f5eb17518b72aede4824e2139eb429b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7DWn9vCPQOAwE8055knmeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7DWn9vCPQOAwE8055knmeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:47 GMT
expires: Wed, 22 Nov 2023 02:51:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7A62 51 KB
20 KB 24ms
24ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swwABMTwIEfw5AAIL-2Frw0imyMwGB5DIvg&u=%7CSyMk6TfZ9uo8oYK5Z9bWpn7QcQJQP10FguEmbWoy9TA%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUanE-_GzvxoKEzH8N192rW-tx5p-M0a32ermgnAGNyi4BkVHBmW1Tmo4SEVCFPdHiissUOtG9fahrAKNuYrPIEnRvi6qmVBp6bY-13nFcwn5H5ab2CjdSa9A8TbKA5c1CqU9Wq_dAabfWL6WtiSezxNU01ZmpGSKSV93fKvBUwO4gjYfHVPptyILm-QWdlwcJfytBTwCaHBqNSzzFIiq6I97GACcJ1IhetFcNq6p5yfTDY2thalkzhkxSSAdkK-g4Vc99eQ5v0MpaLOtOB-BuczsAouTUOJBYCpvDxyn-9PxXeSD0iWLXjmEu9FrH3-skIAkeuL2E4k-lZhrSzJuAJYjznIq9FQJknjiH5uz9sYRPd-EnhUh7zkJ8RByIXI7uyZPEsOGlcy867UJV6x_ngEo-JhnwakVkBP4gwWhF8IWoOI8Cay4zb5capZ8oNRkJy5v_w-39NBQG0QTE7tz4NuPRhi6i2UhiVjkWAdcV5xi6bTjHQXBTDcrB4Oqa-kmUCpzZScO0qItg6E90_i9qCQioX-_xIhkGFCsTi18l99JbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1-Hfw2xdZbziBLn4x_AP-5eIwAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAhjxi0TITrI-qAMByAMCqgSDAk_QrWupukdMsswy9AhDkGiMYENUE2AQZ-l9C0ENWT4E8WEuGDqp5KfefxadJ9x6p8h7z8zMDahU5efDzazvErQE3bFmt4id7C2wElRLg1nN5maaYu4jbXLDsoHzLFlJHNuRE3sUz6pOQ0hGiYn6XKRAPC36w_dPmqEjK4miQ3gnqmGn3NqbjNLNVv_M6LYvhODrlyFGHX4iJ1TN-tPbHcWl85RMibJ7zN-pnbjMSoldm1of-4Sewx19i3DCIey3byyO4VRha6xB-75iaZ-wg7ZbZDm-X8XirVL2CCchAKKfWRFyF8qIdnMbqhxtXbE-eTuOkEgLgBTCkCCWvp2REFNhRAOABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_21Lah4gOUBsvknlenpiEpgqzn16A%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bf97a54554b9342c52244e97140cceb1ffc4e63696c0431088b570760bb640f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:51:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=N6Gc3FXNKzKDm-lPu9BW5vm0HeywEG2FcXXRi6hFmPJeFiBNWAmNAy8yqHX7WCmrffncZ7QSI_vDtK87dG2YnY7zWUY84Rw6G8r1wpHD7zNOiSeMoW5bhSVPFKrCVDemy_HQM5Ojt9ik8TqQvCgR3wCt1-xKT0IdwDCqt0gccgV6jSc5qQA5vnu3AK4ej4L3JIzZSsU7LkIQZD40YhbH5I7I1v7jRb5pBQcdoGW6S7_r3srMruR-dEbC_BApiplN7oDB0g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3210097
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3675 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E8D5 1 KB
643 B 16ms
15ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3675 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3675 0
0 22ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5khxZJdZMHgXQgr_n1FYMFcBQUPR4Lwh0JZ-M_4JSifZAvCaaZUuyT5j-JS0zvwbHq8tDnXe0nzuuHk6xZLnZI1T7zQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3675 202 KB
64 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:47 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7A62 2 KB
1 KB 16ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1swwABMTwIEfw5AAIL-2Frw0imyMwGB5DIvg&u=%7CSyMk6TfZ9uo8oYK5Z9bWpn7QcQJQP10FguEmbWoy9TA%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUanE-_GzvxoKEzH8N192rW-tx5p-M0a32ermgnAGNyi4BkVHBmW1Tmo4SEVCFPdHiissUOtG9fahrAKNuYrPIEnRvi6qmVBp6bY-13nFcwn5H5ab2CjdSa9A8TbKA5c1CqU9Wq_dAabfWL6WtiSezxNU01ZmpGSKSV93fKvBUwO4gjYfHVPptyILm-QWdlwcJfytBTwCaHBqNSzzFIiq6I97GACcJ1IhetFcNq6p5yfTDY2thalkzhkxSSAdkK-g4Vc99eQ5v0MpaLOtOB-BuczsAouTUOJBYCpvDxyn-9PxXeSD0iWLXjmEu9FrH3-skIAkeuL2E4k-lZhrSzJuAJYjznIq9FQJknjiH5uz9sYRPd-EnhUh7zkJ8RByIXI7uyZPEsOGlcy867UJV6x_ngEo-JhnwakVkBP4gwWhF8IWoOI8Cay4zb5capZ8oNRkJy5v_w-39NBQG0QTE7tz4NuPRhi6i2UhiVjkWAdcV5xi6bTjHQXBTDcrB4Oqa-kmUCpzZScO0qItg6E90_i9qCQioX-_xIhkGFCsTi18l99JbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1-Hfw2xdZbziBLn4x_AP-5eIwAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAhjxi0TITrI-qAMByAMCqgSDAk_QrWupukdMsswy9AhDkGiMYENUE2AQZ-l9C0ENWT4E8WEuGDqp5KfefxadJ9x6p8h7z8zMDahU5efDzazvErQE3bFmt4id7C2wElRLg1nN5maaYu4jbXLDsoHzLFlJHNuRE3sUz6pOQ0hGiYn6XKRAPC36w_dPmqEjK4miQ3gnqmGn3NqbjNLNVv_M6LYvhODrlyFGHX4iJ1TN-tPbHcWl85RMibJ7zN-pnbjMSoldm1of-4Sewx19i3DCIey3byyO4VRha6xB-75iaZ-wg7ZbZDm-X8XirVL2CCchAKKfWRFyF8qIdnMbqhxtXbE-eTuOkEgLgBTCkCCWvp2REFNhRAOABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_21Lah4gOUBsvknlenpiEpgqzn16A%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:47 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7A62 2 KB
1 KB 17ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7A62 308 B
636 B 15ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 02:51:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7A62 293 B
621 B 25ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 02:51:47 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7A62 43 B
347 B 18ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fWrpkaPYfoAnmrJtIvNsPGHj_vEUA2bBKdFjCP8cE195iSEZ-yNFpdHCe1eE0jKFjGdtXpN9kf0Vh-VJ_Jdy8ThL6WPUuQyWtOobdAGthBw8QptzaOZf2yMdrJWSe05CqzwxaP9DC__dbNN14VZtmGWi_ZeyewxUnmlXW9NsJNd_kwlHqCukj_6J_0S3S18jLLIJ7X7EPUaziNBgWbSROaF9Ju6KQteZ0my1qPnvFswF1zTc9vAVB8DjoHKuA4BaVDERy-j8Ic0mGqDiCJnzMhdCrhlji9jcCJ8KHJk6m8yhnOqZzxQktFFcEE9Yvzr-ShJIspgN7cP2hiJg_REdNpFt2qSHch7QzG7s_aMlHE5d7pHq7LdeShjxQB4TRAjO_yNxPqb9Ccp8CpWhrcfQl36WERovaiUj5Ng55P-RUSKSxTPN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1746491
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

B31030449.381333670;dc_pre=CN6F3-bM1oIDFQ_OEQgd8hwG3A;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b47972cc853b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/ Frame 7A62
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b47972cc853b;dc_lat=;dc_rdid=;tag_for_c...
https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CN6F3-bM1oIDFQ_OEQgd8hwG3A;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b4797...

42 B
63 B

29ms
25ms

Image
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CN6F3-bM1oIDFQ_OEQgd8hwG3A;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b47972cc853b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1?

Requested by

Protocol

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N743351.154378CRITEO/B31030449.381333670;dc_pre=CN6F3-bM1oIDFQ_OEQgd8hwG3A;dc_trk_aid=572205582;dc_trk_cid=204628760;dcopt=anid;ord=655d6cc2981d7abf3730b47972cc853b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 66e9a49205f24c909c2b91c4bb3b5844_image_ad_300x600.jpeg
static.criteo.net/design/dt/13426/5099577/ Frame 7A62 196 KB
197 KB 15ms
13ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/13426/5099577/66e9a49205f24c909c2b91c4bb3b5844_image_ad_300x600.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

71758e5b7948e62d1c2854ad59d2f67fd38be6fc1b46b278125456f9da5cdec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Nov 2023 14:09:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65522e34-310f5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 200949
expires: Sat, 16 Nov 2024 02:51:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7A62 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=N6Gc3FXNKzKDm-lPu9BW5vm0HeywEG2FcXXRi6hFmPJeFiBNWAmNAy8yqHX7WCmrffncZ7QSI_vDtK87dG2YnY7zWUY84Rw6G8r1wpHD7zNOiSeMoW5bhSVPFKrCVDemy_HQM5Ojt9ik8TqQvCgR3wCt1-xKT0IdwDCqt0gccgV6jSc5qQA5vnu3AK4ej4L3JIzZSsU7LkIQZD40YhbH5I7I1v7jRb5pBQcdoGW6S7_r3srMruR-dEbC_BApiplN7oDB0g&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7A62 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7A62 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 02:51:47 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E8D5 0
103 B 16ms
14ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENsSBNu0LYWewFs6Yp9MgP4&google_cver=1&google_push=AXcoOmQFUF-hB-tfhDAYHMqE_MvfU-EQPlt0-2nLDX2LqItble8H3uJzlbnyXQWZSCiw31bskod-Xd_Vvc_k5hFeTzsocGHxAvnO3-ln
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3 200 i.match
a.tribalfusion.com/ Frame E8D5 43 B
611 B 168ms
166ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnMIR4Xwz4hSsopmDCMbmg&google_cver=1&google_push=AXcoOmTLVaO1nCCPRiFwgOLWn7c52pkUdc3kGIbr8BT6Z0mTTvoxNOTxhsj1-wz0FAKKi7Vc_dwTiwu09sgieum6yjshP1TXGmFH914&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTLVaO1nCCPRiFwgOLWn7c52pkUdc3kGIbr8BT6Z0mTTvoxNOTxhsj1-wz0FAKKi7Vc_dwTiwu09sgieum6yjshP1TXGmFH914%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ddf658f63360e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8D5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC7IzO8Ks-TF3AmwPSRut8I&google_cver=1&google_push=AXcoOmTEGkf_m8yf8TAp4fijX-qj8Ixewb2UcBBBR5f2hg3RARnVYnsWCEW8pGLitqfUzKaWdxhb6hQe5WLIB0i-xINDXl65mEVN4xlZ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=51D40E7B7F23407B862065D55B70C32F&google_push=AXcoOmTEGkf_m8yf8TAp4fijX-qj8Ixewb2UcBBBR5f2hg3RARnVYnsWCEW8pGLitqfUzKaWdxhb6hQe5WLIB0i...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=51D40E7B7F23407B862065D55B70C32F&google_push=AXcoOmTEGkf_m8yf8TAp4fijX-qj8Ixewb2UcBBBR5f2hg3RARnVYnsWCEW8pGLitqfUzKaWdxhb6hQe5WLIB0i-xINDXl65mEVN4xlZ

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=51D40E7B7F23407B862065D55B70C32F&google_push=AXcoOmTEGkf_m8yf8TAp4fijX-qj8Ixewb2UcBBBR5f2hg3RARnVYnsWCEW8pGLitqfUzKaWdxhb6hQe5WLIB0i-xINDXl65mEVN4xlZ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 21 Nov 2023 02:51:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8D5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPq4lQ62tZ_RRHWGC39XPv4&google_cver=1&google_push=AXcoOmRgVufl6F56jzyhA2KciThuRNlccp549PQNsel8R5uc1UJzOAKDrxyxpFbGoxVEXL-TGj69ZFgfX0Y9ZA...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmRgVufl6F56jzyhA2KciThuRNlccp549PQNsel8R5uc1UJzOAKDrxyxpFbGoxVEXL-TGj69ZFgfX0Y9ZAal7T...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmRgVufl6F56jzyhA2KciThuRNlccp549PQNsel8R5uc1UJzOAKDrxyxpFbGoxVEXL-TGj69ZFgfX0Y9ZAal7T8W_oyZY3b8QIw

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExMzczMzk2ODY1NjUyMw%3D%3D&google_push=AXcoOmRgVufl6F56jzyhA2KciThuRNlccp549PQNsel8R5uc1UJzOAKDrxyxpFbGoxVEXL-TGj69ZFgfX0Y9ZAal7T8W_oyZY3b8QIw
Date: Wed, 22 Nov 2023 02:51:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame E8D5 43 B
146 B 562ms
25ms Image
image/gif 18.157.154.195

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHV4Pu08PwLPFdHgYswDEIU&google_cver=1&google_push=AXcoOmQ1WY0x223RsplOqPLQysWvDL4Vk80ut2JIiUh563pNC-jCePBAF_pAH_5rX1VnR_RG7hi9jya0D9oqBhy_HvcovDRTaJlipQxS
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.154.195 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E8D5 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTamKN2C77X7b2BuAh2et0Lv-f2iW9Tc78n0aaeL0-GW4pYbP_zBkHAV8fsdJPf2oTtFNMTCNhAL-GMdY97rBbREKOLMLSbI7QV&google_gid=CAESEDExZbsKfA1Jqw33cVbrH-E&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 250861
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8D5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK3N5ZBXGKXoJTOC0piRCIg&google_cver=1&google_push=AXcoOmSf01QN8C-uoECJABJiTStU3SvNYBArMokVxTlsCNFTJ8-yrnilE_bSnWCDryWaE5aFbHZPz3hS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmSf01QN8C-uoECJABJiTStU3SvNYBArMokVxTlsCNFTJ8-yrnilE_bSnWCDryWaE5aFbHZPz3...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmSf01QN8C-uoECJABJiTStU3SvNYBArMokVxTlsCNFTJ8-yrnilE_bSnWCDryWaE5aFbHZPz3hSMRC7TceJh6EjS_hSRqWkBV1m

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwOTQ2NDIzNjcyMjgzNTQ5Nw&google_push=AXcoOmSf01QN8C-uoECJABJiTStU3SvNYBArMokVxTlsCNFTJ8-yrnilE_bSnWCDryWaE5aFbHZPz3hSMRC7TceJh6EjS_hSRqWkBV1m
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E8D5 0
12 B 16ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0i-vlSNms1cJAqQCqtcZeRDSnE7ml5ZMXAN17efHeKnGOe1R1epmjrd3kbazO2hYYZj_M

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C556 0
0 41ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=996070109846676&rc=
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3675 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 614cfb756bde5572ddced01f4d0e372146c3290deae05db22070327f13a17597

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3675 0
19 B 52ms
51ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXXQpw2xdZbziBLn4x_AP-5eIwAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAhjxi0TITrI-qAMByAMCqgSAAk_QrWupukdMsswy9AhDkGiMYENUE2AQZ-l9C0ENWT4E8WEuGDqp5KfefxadJ9x6p8h7z8zMDahU5efDzazvErQE3bFmt4id7C2wElRLg1nN5maaYu4jbXLDsoHzLFlJHNuRE3sUz6pOQ0hGiYn6XKRAPC36w_dPmqEjK4miQ3gnqmGn3NqbjNLNVv_M6LYvhODrlyFGHX4iJ1TN-tPbHcWl85RMibJ7zN-pnbjMSoldm1of-4Sewx19i3DCIey3byyO4VRha6xB-75iaZ-wg7ZbZDm-X8XirVL2SiUAkiIMiSzUx-1S-lPyDhJKVwc0VyMMJIA2JuZ9jgyOJlcFMLqABonJq-iC9qLpDKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNjE5MTMzMDMxNTA4MjY0GAA&sigh=1vuwhAgiGl8&uach_m=[UACH]&cid=CAQSPADICaaN0EdHlwuAbMEHmKLGaWoZaMcEscwP5Zpgy6TRXvE2SBUK2qTIHEy-qtm5nQcbwJm60As9XAYlDRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=700&slotname=6248546980&adk=1463420899&adf=3279755402&pi=t.ma~as.6248546980&w=400&lmt=1700621507&format=400x700&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621506740&bpp=1&bdt=170&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=21&ife=1&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621507&ga_hid=804666361&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=250&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1855113125&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44809315%2C31078301%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=996070109846676&tmod=1398611479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4ie5uk4fm06h&fsb=1&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 02:51:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 3675 0
125 B 16ms
15ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIb-GN-BMKwC2ASdg2ICAgAAAKaa7pweZgDUEMJsXWWhyFm0RWJEwJvdAAASAAAKCkFRVUREd0VCRHc&wp=ZV1swwABMTwIEfw5AAIL-2Frw0imyMwGB5DIvg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158015
server: Kestrel
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1401417511&t=event&_s=4&dl=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ul=en-us&de=UTF-8&dt=Xu%E1%BA%A5t%20hi%E1%BB%87n%20video%20B%C3%A0%20tr%C3%B9m%20Hoa%20h%E1%BA%ADu%20d%C3%AC%20Dung%20ch%C3%ADnh%20th%E1%BB%A9c%20m%E1%BB%87t%20m%E1%BB%8Fi%20v%E1%BB%9Bi%20%C3%9D%20Nhi%3A%20%22C%C3%A1i%20g%C3%AC%20kh%C3%B4ng%20d%C3%ADnh%20t%E1%BB%9Bi%20c%C3%A1i%20ch%E1%BB%AF%20%C3%9D%20Nhi%20l%C3%A0%20ok%22%20-%20Tin%20T%E1%BB%A9c&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=tin8.tinxahoivn.com&cs=PTO_MB&cm=&cc=&ec=tin8.tinxahoivn.com&ea=PTO_MB&el=google-ads&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1730419367.1700621501&tid=UA-206083988-2&_gid=1412156452.1700621507&z=1509025817

Requested by

Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:47:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18236
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D744 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFqTSjO3PFDZUS4j4koWTcQHTuVhfVL5s6jCSTv0Zyl1hlA3yWSrltRGh6pHbunG3LWXttB7uywokvX6X9aOuUPlmS1AIVI9_ylgDyi7LLne-lQuMi&sig=Cg0ArKJSzF6wJBcgO_89EAE&id=lidar2&mcvt=1031&p=0,0,100,400&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1698990200&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700621505982&rpt=470&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 524ms
135ms Fetch
application/json 173.231.16.77

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 -, , ASN (),
Reverse DNS
Software: nginx/1.25.1 /
Resource Hash: a04ec3b2d9529b7776095594dd263610b8d78b8428075ee9b1a561a342367541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 02:51:48 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 421ms
28ms Script
text/javascript 2a00:1450:4001:801::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Wed, 22 Nov 2023 02:51:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 436ms
44ms Script
text/javascript 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

924eb2aa75c2bbc01d1cd3689890b1e01315e07864747148fb55798fefd477d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31424
x-xss-protection: 0
server: cafe
etag: 924 / 19683 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:51:48 GMT

GET
H2 200 draggable-icon.svg
0-3-216a28-dot-living-bio.appspot.com/embed/img/ 2 KB
1 KB 414ms
22ms Image
image/svg+xml 2a00:1450:4001:81c::2014

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0-3-216a28-dot-living-bio.appspot.com/embed/img/draggable-icon.svg
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2014 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0f2d79f369d3c083f2a4be911dc46e9a62188502d54c175533aba4909472ce3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:37:24 GMT
content-encoding: gzip
server: Google Frontend
age: 863
etag: "IMAsDw"
content-type: image/svg+xml
x-cloud-trace-context: 0a7e1aea09ac7e61449f897a813bfb37
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 894
expires: Wed, 22 Nov 2023 02:52:24 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 497F 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 401ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:08:20 GMT
x-content-type-options: nosniff
age: 369807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 20:08:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ACF6 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B6B6 0
0 46ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3752036220882487&bg=!YmGlYS7NAAZxrfrxUa07ADQBe5WfOO-kBDElMLzQMsSfBtB7sHiH9pPAgRBuDYvew4UA2BU0EeYB9l1-3YvKm8IQwD1XAgAAAY9SAAAAkWgBBwoAoadDrlfEdEtdKBtcvpf71sUa1cFbkX7oTtlT8etI7qRg5hDRRQ-1UcZNYBO0ZOjHGOws7PpkKxoY0CXpMtauPHzKt9b-DXf4bbWWMbjiSAQj_JXSJJER1T2mqz3lCPz4uWV3w6Me2JyiIbRkKqoJai2ygzonqfTOq7IK1F8WlSogNAEM5WSZe-b0kHbb9G_4J556692J2LQSiHsU3WDeYjLZmQLbXuUiG-bOKmXmq-rr7160UrF5UjG769P5gRsuCVvQbTSlCgI7I317KzdgHoPAZGFrT661Oon1FlJ_jNmnPp8RMNqtRpJcvHEm0dNi9g2q3CmfiOqI2W7PQ9l15VNqTrIaxnifHqCmioAE8Oe3TjWu8XlIrbZpkmWjw3Iw8Z4kVPrHqXThjW9Htd-OaGkQ0I2QKXK_isHP1RyxBBILYcg7EUa0lAojxihA5lnAVKbs_LRselxxegAhuq6nEG_AIP9h8AHJbzja7jwJ5RmvkC2xxhrZ6Mb77x4skfO0GQEPDdtVt9ZHWQNhV3dEXG3RMasGQJ8_jxOt5h6nGhNRLQOCGSDtO7a3uEW2hgD9i1m8tcE2e2yERXL8m791TEOWeWeTxwwFL2vURqJZNY4khmDo2NTqgEZUUWnyxI-t0zK1-gF6WU3tYwUraJObsrWnsBuCN7dpIFOg8V5RdmZa0EQPtl1gvrep_0_FikWzOcU3nMKR_hR6XEnyCgnpMMQM-HLOiAwlQPa_vJdy8EWGKP0lnDKE3fbyVat5m_tRjKCwOd4__ksPveU6YMZIW9u8BHGimm3JEIVdmj9iq3I04HqJh-Z9INxE11j5jG4d0LpWXZnXLsGFWFRGuPzKtN_DxQ0DCehx0TgFl4UcDY3TvG0Y9YdYU7dEslAab_VaAMpec--yobsScl3gvVPXL6hZnOsobPro_q3_RYCM5oYGuZWXNzgfgp-TQ3zy2aqfm7s8yler2DR675I1I0dwGUV6jxyZ40K34rB-H6YfVeXNr0Tm1h-jaPMShfq-UTA-zYlE3K6Os570kOntieK9TZNPDgmRWuJNU9FBZJeUfMpzlcW1grYo8G_An2QQgNd9JEZxqLQd5wG7xeIuL0-tkMacqeqTHzC4Gp-VCVj7Ugpjr9BzGG-Wrkn-5qXNfIr8qCi05WJYPAj76Rg2Dfvh0vPSJK6r7onqUSwo3RrNHNM
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49608
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:05:00 GMT

GET
H2 403 adScriptBlocking.min.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 0
0 43ms
14ms Script
text/plain 2606:4700::6810:5614

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5614 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 tin8.tinxahoivn.com Show response
player.gliacloud.com/violations/ 26 B
578 B 159ms
158ms Fetch
application/json 2606:4700:e6::ac40:c81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/violations/tin8.tinxahoivn.com
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6928acfea351e62723cd2af8ecb4f838f7826708e95b1b6a5ce613d2913df268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: Public
last-modified: Wed, 22 Nov 2023 02:51:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wcfnJEYg72YnKGk%2B0ofJqrHnrXWG2sBb6X7P8TnX9tAeVqwtjp0yX8p7Q7DYRrH5QYCXkhSMW71CnTDRVvVfztPaRZN4WWax2x%2Fs1baKjnEwgrhavsblnAclVLaFXW0QtbMY%2Bn5TWJFaAwpgtS%2BbjsCXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: dbe325016e60afb8a5281ada4823487e
cache-control: public, max-age=900
cf-ray: 829ddf6a2fd99b43-FRA
priority: u=1,i
expires: Wed, 22 Nov 2023 03:06:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 497F 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qhWtRQ
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
93 B 299ms
298ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?pp=256%2C144%2C0%2C956&bp=1600%2C1200&wp=1600%2C15910%2C0%2C0&sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=071894465&payload=ea%3Dwaterfall.fallStart%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0800 752 KB
241 KB 15ms
8ms Document
text/html 2a00:1450:4001:801::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 318242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 10:27:46 GMT
expires: Sun, 17 Nov 2024 10:27:46 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tin8.tinxahoivn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 329579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 07:18:49 GMT

GET
H2 200 client.js
s0.2mdn.net/instream/video/ 44 KB
17 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 02:51:48 GMT

GET
H3 200 hls.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.10/ 366 KB
91 KB 17ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.10/hls.min.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2f57bd8668c0222e299540b077e8d4f4ada840976122e421bbccd57af420c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1129975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92797
last-modified: Tue, 18 Jul 2023 21:04:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64b6fe72-16a7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFX%2BCGffR6EqJKJ1cLXB2RH86QNGCfbY7iY05R%2FxAtZtxchPyDFKNJJ7mMPaeGhuQdClSj6eRGMmnKtaop837qHl%2F%2FFZkeV1J%2Bx1Y8kXmowbiuzDM61hNvzup0ejJv39DRhY6mzaoIuWHdA3VbcSvjv5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829ddf6b8d5f3722-FRA
expires: Mon, 11 Nov 2024 02:51:48 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4144 40 KB
14 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 22 Nov 2023 02:55:28 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3675 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstERa3LRZfB2S-lJvyLCENtgJb26xXA02S6VV6EN9BPshADcWcAA6HBhSAJeSdH3884mihgm1QO16esVjwKCpvNmW5qmv3Op6j-91JU7dAYqEsRzd9o&sig=Cg0ArKJSzG_0a_K3OuBOEAE&id=lidar2&mcvt=1071&p=0,0,600,300&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1463420899&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700621507242&rpt=273&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7A62 0
127 B 13ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 02:51:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET plyr.svg
cdn.plyr.io/3.7.3/ 0
0

GET
H2 200 plyr.svg
cdn.plyr.io/3.7.3/ 6 KB
2 KB 340ms
307ms XHR
image/svg+xml 2606:4700:21::681b:c358

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.3/plyr.svg
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.216a28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzVqsiWLNXNEceKX3Oow2LNhNp3RI9KBQKQjV3aumpNzQJOO%2Bph4KjcuoU9GFepX0yIc%2FZkT%2BMcGFI96p0G7iPDWko5BoElk%2FKu6Oz%2BKchdD9PEV6rpGAfkvTCWKVGVhrNwxLTBeyOW5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 829ddf6d6aed9bc8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
276ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=206139142&payload=ea%3Dplayer.inited%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media3/ 43 B
57 B 275ms
275ms Image
image/gif 35.227.207.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-tinxahoivn_mobile&sk=tinxahoivn_mobile&si=tinxahoivn_mobile&sa=zmedia_tinxahoivn&pt=SimplePlayer&ab=0&ta=0&pgu=tin8.tinxahoivn.com&pv=0.3.216a28&ul=en-US&cb=876529577&payload=ea%3Dslot.inited%26ofst%3D0
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 -, , ASN (),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 206 blank.mp4
cdn.plyr.io/static/ 2 KB
2 KB 55ms
18ms Media
video/mp4 2606:4700:21::681b:c358

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/static/blank.mp4
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 22 Nov 2023 02:51:48 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 784739
etag: "08fc2557b6c938f1a251e59b016e90e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBFm%2BTnaeP66VHAF1WLYGmqRvOvFSjWpla0w7NAZN9Vy3LQYKYpl0X2H9thHdw2CS%2BIQUrh3ut7WohmyWqgagjEcaNWV1FK8TFeaT77U%2Fs5dd94XSxHbB0qgyTUe85F%2Bb7teGWzvF70z"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-1776/1777
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 829ddf6dcd184d22-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1777

GET
H2 206 tinxahoivn.com-1700561376.418112.mp4
cdn-gliacloud.urekamedia.co/studio_backend/tinxahoivn.com/ 2 MB
2 MB 182ms
21ms Media
video/mp4 2a02:6ea0:c700::19

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gliacloud.urekamedia.co/studio_backend/tinxahoivn.com/tinxahoivn.com-1700561376.418112.mp4
Requested by: Host: tin8.tinxahoivn.com
URL: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://tin8.tinxahoivn.com/xuat-hien-video-ba-trum/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Wed, 22 Nov 2023 02:51:48 GMT
x-age-lb: 19487
x-77-cache: HIT
Content-Range: bytes 0-2283785/2283786
x-accel-date: 1700602021
Content-Length: 2283786
x-77-nzt: AsO1qhE3Nzf/H0wAANRmOJw3Nzf/ho4AAA
x-accel-expires: @1701602335
x-77-age: 55973
x-cache-lb: HIT
last-modified: Tue, 21 Nov 2023 10:09:43 GMT
server: CDN77-Turbo
etag: "655c81e7-22d90a"
x-77-nzt-ray: 4c156224dcb6f9cbc46c5d65f12bbd35
content-type: video/mp4
access-control-allow-origin: *

GET
H2 200 ads
pubads.g.doubleclick.net/gampad/ Frame 0800 156 B
575 B 264ms
222ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C22613468195%2Fstudio_admin%2Fdormknight_content_mcm_5_tinxahoivn_mobile_1692606078.165234&description_url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ad_type=video&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=1524612527620434&ppid=14132710-88e2-11ee-8607-2b6874f2eeb8&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=1629968494&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=CCD504C8-771C-48D7-AFA0-504B39063947&nel=0&eid=44750822%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804615%2C44807947&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&dt=1700621508782&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&scor=4159880783672035&ged=ve4_td8_tt0_pd8_la8000_er956.0.1110.256_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0800 0
234 B 68ms
14ms Ping
image/gif 2001:4860:4802:32::3

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp964y4g&c=8491574885203&slotId=4245787442601.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 02:51:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
pubads.g.doubleclick.net/gampad/ Frame 0800 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aj1559.online
URL: https://aj1559.online/zbkRHFtOdCUBC36clASnJg2MhSWle2OO4y3bjDQ7Du1yoqhe4A7JTihcE1lMFkuAZbOnoNSkCC6guN99C7qxcS5JJcG_ImbgW53ijbSRt2CxFZoVElSiCuDvqc9h7k3ixbTK0V0LsBWy2v5n3wy39MtijljuuDzeICzQHmKVhf0iiZSXEl7bj4TGSGT16gNx-Fy2M0DGQhDvIVyLYQWfAxVzdcapHLFb3PqsCvJ-iwDkUaOxGy6D_HEg81EZSiEpX9OCadNE2-EmkZYh9L792TcEx3aqdp67udg1h4l06eNp1o3efArgdPOo4VW54arWnYdWCeVZPS6aq7NFlZTOAUv8Qxj2AeernS3LmFaIykJf1Y5vaOs27WVLgkAwuzVI_8IxVU0J0SMueehps4zXW-leMcnQ?DC=DO

Domain: aj1559.online
URL: https://aj1559.online/zHekuH9xQrZcB9Wpcql-eqUIXp8egFsgOwhQkYZc6FA2ZKcxVR0Kdh16l9EezVXe1yaskpZBCMOjyqF4vieoFIFZn8tl-c4ZELiLztzNj3LNrKlVWYMNudmt5yOS-Wh5SWvg4fCQ73ODSjM5vP0lb-kAIiTk9LnJCxBEOpSO_jX1wUxxVlLgM-l8yd8qug-dq-T-AUdy7m5RxAEHmXO1ZLW9FwKhcnIrNYke-s4v0Et-bwflFje9ZczzBOi9_6cN2r-D8pTuecWR4YDtIjy9iOnAXUzJQCt2wbNrRv6SCh3AZCzeHwDCHt4ENJScKFeBFqDQHRbYaRKEWAFX4w-tjfCPgnNURQ_iPVSaEdsqciLMWEA4cxvpkDtq8UxDemMnBhcLOvS7qpDf4hJCXF7TTOvJjEK16PXoURtOMmbteEAxeIdDBA_A?DC=DO

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7

Domain: cdn.plyr.io
URL: https://cdn.plyr.io/3.7.3/plyr.svg

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_5_tinxahoivn_mobile_1692606029.317788&description_url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ad_type=video&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=1524612527620434&ppid=14132710-88e2-11ee-8607-2b6874f2eeb8&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3737005103&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=CCD504C8-771C-48D7-AFA0-504B39063947&nel=0&eid=44750822%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804615%2C44807947&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&dlt=1700621501077&idt=7515&dt=1700621509137&cookie=ID%3D9f20e6f072ab3f20%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w&gpic=UID%3D00000cd6bf326778%3AT%3D1700621502%3ART%3D1700621502%3AS%3DALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw&scor=4159880783672035&ged=ve4_td8_tt0_pd8_la8000_er956.0.1110.256_vi0.0.1200.1600_vp100_ts0_eb24171

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinxahoivn.com/	1970-01-21 01:59:41	Name: _ga_128MY772SD Value: GS1.1.1700621501.1.0.1700621501.0.0.0
.tinxahoivn.com/	1970-01-21 01:59:41	Name: _ga_KQLGDK28W5 Value: GS1.1.1700621501.1.0.1700621501.0.0.0
.tinxahoivn.com/	1970-01-21 01:59:41	Name: _ga_SHGKFYC5EF Value: GS1.1.1700621501.1.0.1700621501.0.0.0
.mgid.com/	1970-01-20 16:23:43	Name: __cf_bm Value: fvLB9KIHCMoWC_gO6UWE.krfY5UkCtSc7q22DrsvUXw-1700621501-0-AVqhHFZTs1jLo2iPBoJc4JcRKhW21rO3FHk5LDjeWJwK+W5EWNuIx1Qpzcc3eztmrZeN/FnpeYm59vR5XmKaVDQ=
.aj1559.online/	1970-01-21 01:59:41	Name: UUID Value: b58a45bf-8093-5f03-ad11-5b922d8e9789
.tinxahoivn.com/	1970-01-21 01:45:17	Name: __gads Value: ID=9f20e6f072ab3f20:T=1700621502:RT=1700621502:S=ALNI_MZImbLW9mgoW1TNRwhNU2SPLJxo4w
.tinxahoivn.com/	1970-01-21 01:45:17	Name: __gpi Value: UID=00000cd6bf326778:T=1700621502:RT=1700621502:S=ALNI_MbuetZ94B-pnLT66e6fvbC3DVb-bw
.adfarm1.adition.com/	1970-01-20 18:33:17	Name: UserID1 Value: 7304113733968656523
.w55c.net/	1970-01-21 01:53:55	Name: wfivefivec Value: 0zWbjseP1R5Dl45
.travelaudience.com/	1970-01-21 01:53:55	Name: _tracker Value: %7B%22UUID%22%3A%22140D74C6-17CA-49A7-2E02-4D137E2144A7%22%7D
.doubleclick.net/	1970-01-21 01:45:17	Name: IDE Value: AHWqTUkCJsK1RNzAkCA70TUUyiZnmjEJxzlwmFomV1kD2jQ__0R6PJuj0vgNEDUBG-w
.quantserve.com/	1970-01-20 18:33:17	Name: d Value: EAwBCQG-KoEA
.quantserve.com/	1970-01-21 01:53:55	Name: mc Value: 655d6cbe-53671-15301-900bf
.w55c.net/	1970-01-20 17:06:53	Name: matchgoogle Value: 5
.de17a.com/	1970-01-21 01:02:05	Name: guid Value: 1.7594905501214202705
.blismedia.com/	1970-01-21 01:09:21	Name: b Value: 655D6CBEEFB8F966D252EC08BLIS
.ctnsnet.com/	1970-01-21 01:09:17	Name: cid_b652435db3b44eac8d2a2381926b1674 Value: 1
.ctnsnet.com/	1970-01-21 01:09:17	Name: gid_CAESEAFBREyXBnMFXAjMB1QJJu0 Value: 1
.yahoo.com/	1970-01-21 01:09:39	Name: A3 Value: d=AQABBL5sXWUCEN2vQxly3a67TXny2XPYrkwFEgEBAQG-XmVnZQAAAAAA_eMAAA&S=AQAAAkmO9gfkc4umfw7CCL-CfJk
tin8.tinxahoivn.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1477392%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221700621503100%22%7D%7D
tin8.tinxahoivn.com/	1970-01-20 17:06:53	Name: _pbjs_userid_consent_data Value: 3524755945110770
.doubleclick.net/	1970-01-20 20:42:53	Name: APC Value: AfxxVi6qvlLjBqViNy-wIbyC8jznMSkt4FNs2vmtZr--nDl-c0V2xg
.adform.net/	1970-01-20 17:06:53	Name: C Value: 1
.adform.net/	1970-01-20 17:50:05	Name: uid Value: 8509464236722835497
.tribalfusion.com/	1970-01-20 18:33:17	Name: ANON_ID Value: abnvBNxlqLlnJVsPT6n65PacvwfcJJLfxOpyjKrHJUTVfBwe0hYq1kgyZdS2QUYMFoCb0QI41GWpm0sLMyMBTxlZagZd27RImiSS8D8hM5cXc5d9Zan8m6ql
.tinxahoivn.com/	1970-01-21 01:59:41	Name: _ga Value: GA1.2.1730419367.1700621501
.tinxahoivn.com/	1970-01-20 16:25:07	Name: _gid Value: GA1.2.1412156452.1700621507
.tinxahoivn.com/	1970-01-20 16:23:41	Name: _gat_PTO_MB Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7158217283&adk=3375755801&adf=3353007588&pi=t.ma~as.7158217283&w=930&fwrn=4&fwrnh=100&lmt=1700621502&rafmt=1&format=930x280&url=https%3A%2F%2Ftin8.tinxahoivn.com%2Fxuat-hien-video-ba-trum%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700621502000&bpp=4&bdt=923&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491574885203&frm=20&pv=1&ga_vid=1730419367.1700621501&ga_sid=1700621502&ga_hid=1401417511&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809004%2C31078297%2C44806140%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3592919157422686&tmod=141995989&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=20 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0-3-216a28-dot-living-bio.appspot.com
a.tribalfusion.com
ad.doubleclick.net
ads.eu.criteo.com
ads.pubmatic.com
ads.travelaudience.com
aj1559.online
api.ipify.org
c.mgid.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn-gliacloud.urekamedia.co
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.plyr.io
cdn.steepto.com
cdnjs.cloudflare.com
cl.imghosts.com
cm.g.doubleclick.net
cm.steepto.com
cms.quantserve.com
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id5-sync.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.gliacloud.com
player.gliacloud.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s-img.steepto.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
server.zmedia.vn
servicer.mgid.com
static.criteo.net
sync.search.spotxchange.com
tag.adbro.me
tin8.tinxahoivn.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aj1559.online
cdn.plyr.io
pubads.g.doubleclick.net
sync.search.spotxchange.com
104.19.128.72
104.19.129.72
123.30.177.102
142.250.185.70
142.250.185.98
162.19.138.82
173.231.16.77
178.250.1.6
178.250.1.9
18.157.154.195
184.30.16.195
2001:4860:4802:32::3
2001:4860:4802:34::36
212.124.124.115
213.155.156.165
2606:4700:10::6816:30fd
2606:4700:10::6816:3556
2606:4700:1::6813:824c
2606:4700:21::681b:c358
2606:4700:3031::ac43:88e4
2606:4700:4400::ac40:9281
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:19ad
2606:4700:e6::ac40:c81f
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:81c::2014
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:830::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:6ea0:c700::19
2a02:fa8:8806:21::1690
2a05:d018:d29:3602:be7c:8786:5b47:1e53
34.96.105.8
35.186.193.173
35.190.0.66
35.204.158.49
35.227.207.122
37.157.6.254
52.223.40.198
52.28.254.225
85.114.159.118
014a797d310432535ec5ff99aa138a98d5ba0113028154406085e5bb8dcd5f50
01c2dde5b16b6d93b60d1b5e15169b2a3b23ddc34ff368dd420fa390a51c043a
02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500
05bb48c83cd04e2a6ca75b34df1b99db6e9ffb6accdad2464019b831d74578b8
082c9d05f7fe8ee21d0bfdc99d5a5aed8716c9c66767b24a3c24c19da3b17171
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b5f2746907c063894fa5fddc029eff4459decfafcd8dd5b3eb39c70df4043a2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdf7ea3b474c0386095c61755691af8545e472b38686666ef5f9854eb1180bb
0f2d79f369d3c083f2a4be911dc46e9a62188502d54c175533aba4909472ce3d
10cdf5dc56e03e5c6c2211aabde212b1ba6f9633a65d9307a20506551217d6b2
12d50f3f2c0011179b49ea047bef6aaea317ab534e723b55d06a46087085736e
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1453242e022fe2a2435384d732ec220f07eddd1b911559b037b2d84f175524a7
18d9eab148d96c000b63e05346bdbe0845f2c3bc3ebd158c116072c45b174f01
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
195003aa099b6b30dd9e5831468fefd6e002aaa565f1b3aad442c3cdae7cb0e7
1b6e5d2b8f6eb82db5d2fb74d08dc7f21b87eebc07c81c8ef86fb3baab1c0c57
1bb0633cf615d1950231a4713fec1be1dc1c879f872c45c4297186a2d1f7abdd
1c6ac4c92b43937d30f33e2ba301b56e55ad12aa721aa944b20da43196fa4592
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dfedb61a9841307009dde0dc42b94db8b4784c7947d5bdd9b46591d7b60a433
1e3bf3cdbc12d525705deac223abab07c46073686eb005158c29fbca6ba9ed03
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20901902ecc68d58d11313f3d81b4b61e896806036b509a810cdf48e9de5255b
21c0d6129cc12185f624cc61b91ff12bc702e7369d63bc6a80a6ecaad6ad238f
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
282909584e99989f050e2f0a3a2beac7e9cd9dcbb1094db3218097c886cec23b
2a5d29a5a393dd7537c839a0ba0090aa7ba21cef29293ab6c647e36c98065644
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eefa35233396cfa81b101daf01dca80def1e89fc1fb9ff298e78f2bddc3c951
2f29d2ebe51626f462417aefa5d76ca764eab4afa27a0500fa532f519793dc69
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a010f4324b08015f4ba8af4478c87b037b35cb12aecf09a69cf94dd72e82ae
30c113f613cf35756f4823cc184ee9479e922f79a4df544ff08a4f002982c3bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35851c34e4be78d12fc79cbf6964e7fc614c8ff0a7f6d32e223f2ff4ba84af09
39c313444e7c1c2abcefd1f50d26d0fcc72c453571db6b961aab1b27671347e2
39e9f95e5f1a294713b1d0a6b74b479fe0207661f96dd19d85f43bcf299cd00a
3a38c967413f7bce36d3baefc321aade81edf369e6a99dc32d911550148f636f
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d29b8ee817ab19b9d55ac96fa742ce033340d1ba318e940b9d1f682b6c90b81
4035a43c6984acac6e1d7bce62d2390c8fc0ca4843e64278d2e5878c0856a4f3
43dbe17308f0ee0d632562d9b45ba47e42f6ac2e228990de3934deca99c7e547
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5be406a39bb8d975ff8a89207196896c4fe81c9d9e9b1eabbdd0d74474e6d1
4bae027b49606df97113d61a72c4dcca2f5eb17518b72aede4824e2139eb429b
4bf9f0181200ce23cd6f1c67e85511922ceb56bb30631bd6623450d9a7909566
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4f5862ddc3290d7258f7e7c7b132504904f41da1400e9c8d16407c4adb0db9cf
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5012e5915ecc3dd381c1b940bd08475818b4266e885e67bdc3cb5b50c9b12380
522cdfddca073f959b2cf1aabcc191f7d2339c63f5859eeca079bb759a0d435d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
540eccc097b2db7e156bf4b8b15600e3497097a624a4ea7c6e9fbe51263d991b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c42b730ca713b035def0627103a30502f57f3cb92b70646cf3a4ec6fd167d6
5759d7f93cc66105913209060cfe8095589fa2242056a7b80dc1f1272230dc7e
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5922b6df487a5aa8ed91b63e68202554f66a9ebcb44e675efb9e4548d6478a42
5cf2024d282e55ec897e474359cac86a34b8b0867d66ac4a03d88e61207dae9b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
614cfb756bde5572ddced01f4d0e372146c3290deae05db22070327f13a17597
61ae424df439ea34b89eeb416074bc0214bc3d943dff687cc821896bde75d981
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
657e6dbb6cf905fa06929854e64618f0aee6d1c08804cef18fc01507833c0c7d
66617fcfac12bced6e04696091cd32393af2643ef4f3069bb0b43528b2c932a9
6756b6bc99704347f59766ca80e7fa12e9aec8eec97e6626988300e14b484415
68afb75b6ccc9da9157a54429bed57b3a0c42dc62c3e1fac10ac6490bb41a960
6928acfea351e62723cd2af8ecb4f838f7826708e95b1b6a5ce613d2913df268
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6abbaf6abc734ad766d3bc80c90fa6efb439195a871c37fe6e6883fc348dbc85
6ca695ede92c2530b7df3a73890d274dd1146b1b1d11e47400346e0644f40824
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
71758e5b7948e62d1c2854ad59d2f67fd38be6fc1b46b278125456f9da5cdec2
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74e4cdeeb9d39cb5cde81b406f2d3dadb2ec92e4643a6afb1a436e921fef8a39
761f02f9ce7edd7bb0135a674d27c64857cb58cbc31f83ef0792045607babc9e
779928d8c88d58be3a373490e2295c6ac5efc41632c3c64ca472b97bcc951d4f
785262c31960480e3ad1e1cd1df97203d954cb3ec895591d60b81c87f3670ed2
78ee33b2b1a214768aa39a735c190af26244befb4ac6bc059950d85d15902220
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842694dde1f0df86bfcb208d1aee5c98c7c1b27b1137f23c0eb347ea71204097
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
89a4d48176ed66983aee1e9b874d852f7225c37f4d23041439c6ffada36f3d45
8bd7601a2b17033f5df04eafe1d6eec2a476a396da7121399f5199d17d405c40
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d76f694e104604d4f1efd87fb907d18ffc3a35629112df6b9d10dbd03887a3d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91412d7079f64f81e6943218fa890e5721b7c2d261cde6dd3c25b693a92c3805
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
924eb2aa75c2bbc01d1cd3689890b1e01315e07864747148fb55798fefd477d8
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9371423dc62dc2b3db0178dbbc31837a82a13aca9cbcbf6354a4cf278e2dd24f
93e30c19cf73c304a0d5eb17cec336546e84b42839b5d0696fb76d99da883ce1
94df8d78c3297051e5d5dfa138dc1519dca9975b9ba5d7cf47f5023bf378f26f
9630f3cef2868c644e403f51bf092dd7ed88af5ecc372562dfb638e037dac81b
97d82e3752e091fe2684a4b1efaf78edea2152189090ebcd417fd00eb82288b4
98fe33d2130caa95325db6eba43fc7048e2408485806288e3cc5a1e502ba2cfb
991fd4a4d81847aba58c0795a43492dbe1e67d336a843553d9af5c12471055ad
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
9a450b0780278c5492b672a8afb3735247d2d2ca8c6fab5f1c3b43541ff2a477
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684
9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c
9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032
a04ec3b2d9529b7776095594dd263610b8d78b8428075ee9b1a561a342367541
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1fbc1384d1f5de262407cb6486a6a4a6c8e42a2c505f514e3abbd81063d0eab
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a2ac425514fee3ae22901b49f4e5f640b325c647d6ebd4426558566deaea0e95
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a4e06464b1d4d7584d26a4e91bc5ab6deb2e7e939b73dbc53964805c905db4b2
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a92523548ecceb29bbc011a48c6fe3526ef1c02ac2f1e47fff371a936f8e1e5d
a93042efe84eda6176a528caaec7f60ba035a030f28af080201217480c6eaa73
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
aee2f0e6c65fbbab5b25dfd4098ef08319e32220611c30abc25e10aebc47d993
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b4c1a913035deba9a588514fc9ef13eba470be118d5c6abb18ef711b8f77da77
b6661e0f778cfa95a01dae4b440530bb6896ee3bd2f1126538839db07250fd42
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd7e9705573e01d301efe30f1dc3c4a488da6e7f65f23940e80bb819f029bfd5
bf5cf56243bee2ac91116a2f2a84491969da7f18d808d3a42029401fc69d66bc
bf97a54554b9342c52244e97140cceb1ffc4e63696c0431088b570760bb640f6
c5baf440e8c9d9164da2534c19d4fca03c1dac650eae9e6377f39b8156f03259
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c6cc96ee36df1dd833315cd406eff3c02ec03c330808824a60d69b5b90cfb4a4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cd2f57bd8668c0222e299540b077e8d4f4ada840976122e421bbccd57af420c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d2b183bab67f6ccec7a73145d7553a3e3294d470b0d49bda1ee5de802b590394
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc1d92866be59f30d87af03ca650208889f844a6059f435f796eb5fcb9bf766d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1b7562b902a3027eafd0d0200b9769ae0acc4a7c9bd6d7bbdd26efa7aa737e9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d88d1097801509f6160f41ea7ecf7ca2f2c32bc0f1ddae6179b6daed17b0e5
e583cccb6f3c00a3e47ca6ebf1a9a6dbfc80377b313dd1ebfe6c8d207f22336c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e612247cea248e968a50348d1e33e09c6e2657a950d72c5e1cfc974e5ec73d9c
ea4af374c2573e661d0cefccaf91a5798dcfefd528ff072960cfe9e7ad7610f1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f186776222454940ba9c56f9b38ed47872a619c5542db6081d6306ee391ba88e
f27172df09a4481d0b9b8704f1d4142aa432bee9c46a22097e0e45a744d1aa28
f2899d216addc665197190e5055529b141c96a1b28ae02938a286fc0db35251e
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f46b013e7151fecfe7d1112aaccdbcbc4941e61b0aee8606dba1b2d8883d565f
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50a8430f181ee644e80604682ecbd5a8684ed9e0dfa455c95bbbded61f58c7b
f532b1d4c30d3692c9d58690f83c1e9d2d17851ad0aecaccab8dbc8f00744440
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fab38753127309dfc13b2a2a69aa009b014754536921edf26cf9db11a9cf7ec8
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d

tin8.tinxahoivn.com Open in urlscan Pro 2606:4700:3031::ac43:88e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

338 Requests

92 %HTTPS

61 %IPv6

43 Domains

64 Subdomains

50 IPs

9 Countries

7896 kBTransfer

17188 kBSize

28 Cookies

2 Outgoing links

Redirected requests

338 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tin8.tinxahoivn.com Open in urlscan Pro
2606:4700:3031::ac43:88e4 Public Scan

Screenshot
Live screenshot

Full Image

338
Requests

92 %
HTTPS

61 %
IPv6

43
Domains

64
Subdomains

50
IPs

9
Countries

7896 kB
Transfer

17188 kB
Size

28
Cookies

338 HTTP transactions
12 data transactions