www.tinthethao.com.vn Open in urlscan Pro
203.162.2.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tinthethao.com.vn/
Effective URL:
https://www.tinthethao.com.vn/
Submission Tags: falconsandbox
Submission: On February 15 via api (February 15th 2021, 5:50:50 pm UTC) from US

Summary HTTP 600 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 81 IPs in 13 countries across 72 domains to perform 600 HTTP transactions. The main IP is 203.162.2.86, located in Viet Nam and belongs to VNPT-AS-VN VNPT Corp, VN. The main domain is www.tinthethao.com.vn.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 5th 2020. Valid for: a year.

This is the only time www.tinthethao.com.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	203.162.2.86 203.162.2.86	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	116.203.211.59 116.203.211.59	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:212... 2600:9000:2127:4400:18:681:2880:93a1	16509 (AMAZON-02) (AMAZON-02)
59	103.90.220.90 103.90.220.90	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1 3	222.255.217.231 222.255.217.231	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
5	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	23.196.202.183 23.196.202.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 4	2600:9000:212... 2600:9000:2127:ac00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
19	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
22	2a04:4e42:1b:... 2a04:4e42:1b::626	54113 (FASTLY) (FASTLY)
4	34.243.35.122 34.243.35.122	16509 (AMAZON-02) (AMAZON-02)
6	188.40.114.5 188.40.114.5	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	152.199.22.243 152.199.22.243	15133 (EDGECAST) (EDGECAST)
17	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
17 140	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 3	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:da5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.35.249.226 3.35.249.226	16509 (AMAZON-02) (AMAZON-02)
3 12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
9 15	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	184.31.88.106 184.31.88.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1f18:612... 2600:1f18:612b:4200:8331:bab2:3072:ce38	14618 (AMAZON-AES) (AMAZON-AES)
6 8	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	115.88.123.125 115.88.123.125	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	203.133.167.207 203.133.167.207	9764 (DAUM-NET ...) (DAUM-NET Kakao Corp)
1	15.164.190.193 15.164.190.193	16509 (AMAZON-02) (AMAZON-02)
3 3	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
3 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	104.84.57.138 104.84.57.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
8	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
3	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
3	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
10 14	104.109.83.210 104.109.83.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 12	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1 5	2606:4700::68... 2606:4700::6812:d25f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
16	2606:4700::68... 2606:4700::6813:ba79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:fb79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	5.148.168.135 5.148.168.135	29691 (NINE) (NINE)
2	2a00:d70:0:b:... 2a00:d70:0:b:2002:0:d91a:365b	29097 (HOSTPOINT-AS) (HOSTPOINT-AS)
2 2	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.159 193.232.148.159	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	35.244.147.96 35.244.147.96	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	54.93.141.230 54.93.141.230	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:9cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:710... 2a02:26f0:7100:184::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	52.45.78.137 52.45.78.137	14618 (AMAZON-AES) (AMAZON-AES)
1	18.211.56.72 18.211.56.72	14618 (AMAZON-AES) (AMAZON-AES)
2	52.48.123.100 52.48.123.100	16509 (AMAZON-02) (AMAZON-02)
5	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.182 213.155.156.182	1299 (TELIANET ...) (TELIANET Telia Carrier)
14	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.106 185.64.190.106	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	54.228.114.223 54.228.114.223	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1 1	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
3 3	18.195.193.185 18.195.193.185	16509 (AMAZON-02) (AMAZON-02)
2 2	18.193.144.52 18.193.144.52	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.84.56.214 104.84.56.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.159.228.25 18.159.228.25	16509 (AMAZON-02) (AMAZON-02)
2	23.67.134.226 23.67.134.226	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	221.132.35.178 221.132.35.178	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
600	81

36 203.162.2.86 (Viet Nam) 1 redirects

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

www.tinthethao.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.211.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.59.211.203.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4400:18:681:2880:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.dugout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 103.90.220.90 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

media.tinthethao.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 222.255.217.231 (Viet Nam) 1 redirects

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

ss.yomedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.202.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-202-183.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2127:ac00:1:a3fa:7cc0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a04:4e42:1b::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.243.35.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-35-122.eu-west-1.compute.amazonaws.com

perf.dugout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.40.114.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.114.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.243 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

140 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 17 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.34.195 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:da5 (United States)

ASN13335 (CLOUDFLARENET, US)

videos-cloudflare.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.35.249.226 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 184.30.20.241 (Frankfurt am Main, Germany) 9 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.87 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.88.106 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:8331:bab2:3072:ce38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.94.180.126 (United States) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom) 2 redirects

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 115.88.123.125 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

ace-sync.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.133.167.207 (Korea, Republic Of)

ASN9764 (DAUM-NET Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.164.190.193 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-164-190-193.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.254.214 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.57.138 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-57-138.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.131 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.109.83.210 (Frankfurt am Main, Germany) 10 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-83-210.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 84.200.5.215 (Germany) 8 redirects

ASN31400 (ACCELERATED-IT, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d25f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.conrad.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.239.105.10 (Leipzig, Germany) 2 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tms.parship.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6813:ba79 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:fb79 (United States)

ASN13335 (CLOUDFLARENET, US)

www.elitepartner.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.148.168.135 (Zurich, Switzerland)

ASN29691 (NINE, CH)
PTR: adresult08.nine.ch

www.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:d70:0:b:2002:0:d91a:365b (Switzerland)

ASN29097 (HOSTPOINT-AS, CH)

www.linsenkontakt.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.182.76 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.159 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.147.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.147.244.35.bc.googleusercontent.com

pix.impdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.141.230 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:184::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

vast.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.45.78.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.56.72 (Fort Worth, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-56-72.compute-1.amazonaws.com

gov.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.123.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

eum-eu-west-1.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

streamlyn-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.114.223 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.247 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.199 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.193.185 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.144.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.56.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.228.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.67.134.226 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 221.132.35.178 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

analytics.yomedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
121	googlesyndication.com 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	524 KB
95	tinthethao.com.vn 1 redirects www.tinthethao.com.vn media.tinthethao.com.vn	1 MB
91	doubleclick.net 20 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	305 KB
49	2mdn.net s0.2mdn.net	812 KB
23	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com Failed vid.pubmatic.com aktrack.pubmatic.com Failed	91 KB
23	redintelligence.net 2 redirects hal9000.redintelligence.net hal900012.redintelligence.net hal900017.redintelligence.net hal900028.redintelligence.net hal90001.redintelligence.net	151 KB
21	googleapis.com imasdk.googleapis.com fonts.googleapis.com	2 MB
17	parship.ch www.parship.ch tms.parship.ch	247 KB
15	casalemedia.com 9 redirects dsum-sec.casalemedia.com	13 KB
14	google.com adservice.google.com www.google.com	3 KB
13	googletagservices.com www.googletagservices.com	407 KB
12	jwpltx.com prd.jwpltx.com	511 B
12	connects.ch 8 redirects cct.connects.ch	3 KB
12	awin1.com 8 redirects www.awin1.com	7 KB
12	jwpsrv.com assets-jpcust.jwpsrv.com videos-cloudflare.jwpsrv.com	2 MB
8	aniview.com vast.aniview.com player.aniview.com track1.aniview.com gov.aniview.com	97 KB
8	spotxchange.com 6 redirects sync.search.spotxchange.com	5 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	53 KB
7	yahoo.com 5 redirects ads.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	5 KB
7	openx.net 4 redirects us-u.openx.net streamlyn-d.openx.net	2 KB
7	google-analytics.com www.google-analytics.com	56 KB
7	jwpcdn.com ssl.p.jwpcdn.com	230 KB
7	onthe.io cdn.onthe.io tt.onthe.io	20 KB
5	conrad.ch 1 redirects www.conrad.ch	7 KB
5	adnxs.com 4 redirects ib.adnxs.com	5 KB
5	google.de adservice.google.de www.google.de	2 KB
5	jwplayer.com 2 redirects cdn.jwplayer.com entitlements.jwplayer.com	7 KB
5	googletagmanager.com www.googletagmanager.com	185 KB
5	dugout.com embed.dugout.com perf.dugout.com	50 KB
4	bidswitch.net 3 redirects x.bidswitch.net grid.bidswitch.net	3 KB
4	rubiconproject.com 1 redirects pixel.rubiconproject.com video-ads.rubiconproject.com optimized-by.rubiconproject.com	23 KB
4	adtracker.ch www.adtracker.ch	62 KB
4	dable.io static.dable.io api.dable.io adx.dable.io	31 KB
4	yomedia.vn 1 redirects ss.yomedia.vn analytics.yomedia.vn	236 KB
3	instana.io eum.instana.io eum-eu-west-1.instana.io	10 KB
3	elitepartner.ch www.elitepartner.ch	14 KB
3	smartadserver.com 1 redirects rtb-csync.smartadserver.com	2 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	721 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	adform.net 2 redirects c1.adform.net	824 B
2	adsrvr.org 2 redirects match.adsrvr.org	990 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	997 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	360yield.com 2 redirects match.360yield.com	789 B
2	adhigh.net 2 redirects px.adhigh.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	linsenkontakt.ch www.linsenkontakt.ch	120 KB
2	greatviews.de 2 redirects trf.greatviews.de	2 KB
2	zenaps.com 2 redirects www.zenaps.com	1 KB
2	cloudflare.com cdnjs.cloudflare.com	43 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com	1 KB
2	teads.tv 1 redirects sync.teads.tv	414 B
2	taboola.com cdn.taboola.com	124 KB
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	quantserve.com 1 redirects pixel.quantserve.com	543 B
1	mathtag.com 1 redirects sync.mathtag.com	679 B
1	simpli.fi um.simpli.fi	611 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	284 B
1	googleadservices.com www.googleadservices.com	12 KB
1	media.net 1 redirects cs.media.net	1 KB
1	impdesk.com pix.impdesk.com	86 B
1	daum.net analytics.ad.daum.net	571 B
1	toast.com ace-sync.toast.com	650 B
1	tremorhub.com partners.tremorhub.com	183 B
600	72

	Domain	Requested by
60	pagead2.googlesyndication.com	www.tinthethao.com.vn 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net imasdk.googleapis.com
59	media.tinthethao.com.vn	www.tinthethao.com.vn
49	s0.2mdn.net	imasdk.googleapis.com 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com www.tinthethao.com.vn s0.2mdn.net
47	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.tinthethao.com.vn 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net player.aniview.com imasdk.googleapis.com
37	cm.g.doubleclick.net	20 redirects googleads.g.doubleclick.net www.tinthethao.com.vn 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
36	www.tinthethao.com.vn	1 redirects www.tinthethao.com.vn
21	googleads.g.doubleclick.net	0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com www.tinthethao.com.vn googleads.g.doubleclick.net www.googleadservices.com imasdk.googleapis.com
17	imasdk.googleapis.com	embed.dugout.com imasdk.googleapis.com player.aniview.com
16	www.parship.ch	hal900012.redintelligence.net www.parship.ch eum.instana.io
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
13	www.googletagservices.com	www.tinthethao.com.vn securepubads.g.doubleclick.net 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
12	prd.jwpltx.com
12	cct.connects.ch	8 redirects 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com hal900017.redintelligence.net
12	www.awin1.com	8 redirects hal900028.redintelligence.net 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com hal90001.redintelligence.net
12	googleads4.g.doubleclick.net	www.tinthethao.com.vn
11	0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
10	pubads.g.doubleclick.net	imasdk.googleapis.com
9	videos-cloudflare.jwpsrv.com	ssl.p.jwpcdn.com
9	www.google.com	www.tinthethao.com.vn 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tinthethao.com.vn
8	simage2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
8	hal9000.redintelligence.net	0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com hal900028.redintelligence.net hal90001.redintelligence.net hal900012.redintelligence.net hal900017.redintelligence.net
8	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tinthethao.com.vn
7	ssl.p.jwpcdn.com	embed.dugout.com
6	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
6	tt.onthe.io	cdn.onthe.io
5	track1.aniview.com	player.aniview.com
5	www.conrad.ch	1 redirects hal900012.redintelligence.net hal900017.redintelligence.net
5	hal900012.redintelligence.net	1 redirects 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com hal900012.redintelligence.net
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
5	www.googletagmanager.com	www.tinthethao.com.vn embed.dugout.com www.parship.ch www.googletagmanager.com
4	streamlyn-d.openx.net	2 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	www.adtracker.ch	hal900028.redintelligence.net hal90001.redintelligence.net hal900012.redintelligence.net hal900017.redintelligence.net
4	fonts.googleapis.com	hal900028.redintelligence.net hal90001.redintelligence.net hal900012.redintelligence.net hal900017.redintelligence.net
4	hal900017.redintelligence.net	1 redirects 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com hal900017.redintelligence.net
4	ups.analytics.yahoo.com	3 redirects googleads.g.doubleclick.net
4	www.google.de	www.tinthethao.com.vn
4	perf.dugout.com	embed.dugout.com
4	cdn.jwplayer.com	2 redirects embed.dugout.com ssl.p.jwpcdn.com
3	ade.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
3	csi.gstatic.com	imasdk.googleapis.com
3	www.elitepartner.ch	hal900017.redintelligence.net www.elitepartner.ch
3	hal90001.redintelligence.net	hal9000.redintelligence.net hal90001.redintelligence.net
3	hal900028.redintelligence.net	hal9000.redintelligence.net hal900028.redintelligence.net
3	rtb-csync.smartadserver.com	1 redirects googleads.g.doubleclick.net image6.pubmatic.com
3	pixel.advertising.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.tinthethao.com.vn
3	assets-jpcust.jwpsrv.com	www.tinthethao.com.vn
3	ss.yomedia.vn	1 redirects www.tinthethao.com.vn ss.yomedia.vn
2	video-ads.rubiconproject.com	imasdk.googleapis.com
2	pixel-sync.sitescout.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	vpaid.pubmatic.com	player.aniview.com
2	eum-eu-west-1.instana.io	eum.instana.io
2	match.360yield.com	2 redirects
2	px.adhigh.net	2 redirects
2	pm.w55c.net	2 redirects
2	www.linsenkontakt.ch	hal900028.redintelligence.net hal90001.redintelligence.net
2	trf.greatviews.de	2 redirects
2	www.zenaps.com	2 redirects
2	cdnjs.cloudflare.com	s0.2mdn.net
2	ads.stickyadstv.com	1 redirects googleads.g.doubleclick.net
2	ads.yahoo.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	api.dable.io	static.dable.io
2	stats.g.doubleclick.net	www.google-analytics.com
2	cdn.taboola.com	www.tinthethao.com.vn cdn.taboola.com
1	analytics.yomedia.vn	ss.yomedia.vn
1	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
1	grid.bidswitch.net	imasdk.googleapis.com
1	aktrack.pubmatic.com
1	vid.pubmatic.com	vpaid.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	image6.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	gov.aniview.com	player.aniview.com
1	player.aniview.com	imasdk.googleapis.com
1	vast.aniview.com	imasdk.googleapis.com
1	www.googleadservices.com	www.googletagmanager.com
1	tms.parship.ch	www.parship.ch
1	eum.instana.io	www.parship.ch
1	cs.media.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pix.impdesk.com	0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
1	adx.dable.io	www.tinthethao.com.vn
1	analytics.ad.daum.net	www.tinthethao.com.vn
1	ace-sync.toast.com	www.tinthethao.com.vn
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	entitlements.jwplayer.com	embed.dugout.com
1	static.dable.io	www.tinthethao.com.vn
1	embed.dugout.com	www.tinthethao.com.vn
1	cdn.onthe.io	www.tinthethao.com.vn
0	image4.pubmatic.com Failed	ads.pubmatic.com
600	115

This site contains links to these domains. Also see Links.

Domain
www.bongda.com.vn
www.youtube.com
plus.google.com
www.facebook.com

Subject Issuer	Validity	Valid
*.tinthethao.com.vn Sectigo RSA Domain Validation Secure Server CA	`2020-12-05` - `2021-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2020-04-07` - `2021-06-06`	a year	crt.sh
dugout.com Amazon	`2020-07-02` - `2021-08-02`	a year	crt.sh
*.yomedia.vn Go Daddy Secure Certificate Authority - G2	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
static.dable.io R3	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
jwplayer.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-24` - `2021-04-25`	a year	crt.sh
entitlements.jwplayer.com GeoTrust RSA CA 2018	`2020-04-27` - `2022-04-28`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
videos-cloudflare.jwpsrv.com Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
*.dable.io Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2020-05-12` - `2022-08-10`	2 years	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2021-01-07` - `2022-02-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
redintelligence.net R3	`2020-12-21` - `2021-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
cct.connects.ch R3	`2021-01-10` - `2021-04-10`	3 months	crt.sh
www.conrad.ch Cloudflare Inc ECC CA-3	`2020-06-17` - `2021-06-17`	a year	crt.sh
www.parship.ch Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
www.elitepartner.ch Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
adtracker.ch R3	`2021-01-25` - `2021-04-25`	3 months	crt.sh
www.linsenkontakt.ch Thawte RSA CA 2018	`2020-07-28` - `2021-07-29`	a year	crt.sh
pix.impdesk.com GTS CA 1D2	`2021-01-04` - `2021-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-24` - `2021-12-25`	a year	crt.sh
tms.parship.de GeoTrust RSA CA 2018	`2020-11-10` - `2021-12-11`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2020-01-22` - `2021-04-22`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
grid.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-15` - `2021-10-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh

This page contains 66 frames:

Primary Page: https://www.tinthethao.com.vn/
Frame ID: 4C6F2F59305C20380697926A1B326A62
Requests: 194 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-80588940-15
Frame ID: 137049218DB37FB342A7E91217BDAE54
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Frame ID: 6F8879272C4CB8EBC810A5392C96F27A
Requests: 20 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 4F4B501114061ED7CEC26D1FF05A2CDD
Requests: 12 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 74896511DE1A5FE13F44F18CA9D9DF54
Requests: 12 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 40E2B1E65DBE54AA56DFC697D67D9A7C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
Frame ID: 280EE3822C8AD9EE3E9839DDC8882A92
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
Frame ID: B90901AA07D18673E96F4E957676F62B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
Frame ID: 600A4A2AEDE91F89D7F023CF4EAB5CD0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A73DC0D2D86C881D1AC57834CA2E4F48
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F3B919CB2E9FBF1A1A00B9A0E9AF34F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 52592F9B869363B2CC91EB1A30BB7381
Requests: 3 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 91121134A5C5A51BE070660DFE97213A
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumqnvez4DyBBPpJSHDHoz7ttbyCftrAqKhW6VsjwdlQla7rNK8VGIObKwU61GMmWxmQa5w7OHVV6ZOFSrYYR6ca-eyUgxtdagSLU67r9WA7mBGIHNAlagv-lZOloP56_rAE723HAG8vzEIPylPA5ozDlfVehPTgR5RatMwbWrhsK-DLFatH4RbrVnjmJnlrtz4rkIN42cRkHuk5tZnbtAZflOnKkvl6lQfVyj3jDOkrferSQg-2VTQmFKNURnsPrdjGxxJRKbvbar2Tl25IsvlbZZMq97Nu2lKVItnr-ljWEsxmQFAQkurKAnpbnJQ8QV7qZB3AiGXEaM28XFdKxv9ovcBpmg&sai=AMfl-YSsKB5Btsm97-Co82-lOjPVp2jyJQyY6qN-BKAe7qOv3oE-Ol_SOCqqmDShsqS5IvNXkaUl-3VoBQFWYvNoc64nvmzi_sixT8fHfLrLyzGWBRG78B-Y625_aLOCvJQu&sig=Cg0ArKJSzNhKOR68R9HBEAE&urlfix=1&adurl=
Frame ID: 6B54AFE506B45888604F50955B222EB8
Requests: 5 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: A918B7C5FFCB48C183C06A3A5DB1275B
Requests: 14 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 995142006B5AAD59D4897BE4F73875F8
Requests: 12 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 12B763C1E897F1765EB8914957244347
Requests: 14 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: E8711A3B90425E9B679213C810CCC0C4
Requests: 13 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 9D1C1C26A1EAB765EF29CB35AE9842F3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
Frame ID: 911592CE8FB7E663BEEDDAB9FC3C3CC0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
Frame ID: 74FE44F4D4295D4157732A65BF5F9563
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg
Frame ID: 55D8880FFFADF900E7A4EF1105C79F93
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw
Frame ID: 49CAF536F9D74E6555B9AED5A41AA2FC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg
Frame ID: 20FADE8219DC9109937B07A1F73276D7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
Frame ID: 3D97112334117284613AA31980871053
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
Frame ID: D32B727F9139B8D2B58615781E818E2D
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
Frame ID: 0A33FEA1DDFE9995C33D2949990E75B7
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9446734B11CAF5B21CE70F6198B8BC8
Requests: 3 HTTP requests in this frame

Frame: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F31BA918EE2E28D16ADC42550360852F
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F94D39334A941EF1180B4CDF33E79D8C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C326714646ACDC7FFC473062650A2D94
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68349D03B7F402928FC842207DF38714
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F87F99F9D6A71BB3494F2D896A7E4064
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EDDF19517944CEF1E20E5CA8461CA79F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEOSudBj2xfyWATAB&v=APEucNUafwMRva5pKEMF4NFArGtxOHFekB_AuHqmgdyNouAm96AoJf5kkkHlx0kBaYs5a0jIVbVJu8Gxj32ajRyW6xl0fqEmKQ
Frame ID: 3BBC5E6A5022BB52067A8D86A9BCD9BE
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/4720433/1607533449862/index.html
Frame ID: CEB65BEACF0C5A659429F36CBB0B8611
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EADB8818D225B9A858BE1F0D16F19130
Requests: 8 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=86781900196382800710164011506028&pv=1
Frame ID: BBB57FE66F13C7BF8E5A23495760B102
Requests: 1 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
Frame ID: F87D73B61639F4E47244DC93DED3DD51
Requests: 8 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=15486100244936000710152011506001&pv=1
Frame ID: EEB39370D154A6C98284ED6A802BC05C
Requests: 1 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
Frame ID: 75D2D90EFD378FEF371A3E01D49D908C
Requests: 6 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?insert=AW
Frame ID: EEE5142DFD1CBE6B04F836CA5A4B05DC
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
Frame ID: BE2F5DE984E1C8E034418AA9832CA9C4
Requests: 31 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
Frame ID: 5188984538B9FCC2E9BAC2E740975CF1
Requests: 7 HTTP requests in this frame

Frame: https://cct.connects.ch/public/12/images/1x1.gif?x=1&lea_source=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017
Frame ID: 08C9A1811B92E1B6714EADBB9880A449
Requests: 1 HTTP requests in this frame

Frame: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID
Frame ID: D329AEB26A8DFB879D303AB7E0517732
Requests: 3 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?insert=AW
Frame ID: FF2114B983ABB88042D187A038AC1B07
Requests: 1 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
Frame ID: 4D722EB7757AFC62E569C35A970CA376
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 376A4A9038C4ACC0EF3852AF504F0C06
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9E0F42C430E98852710BFF77F73CB8E9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 2EA87AC7DDE4FAF78B35F86C9F0B8A6D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21871596757/VID-3bongda.com.vn-640x360%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp&correlator=201168404241949151
Frame ID: 34BF0214474573DDA6133521438ACB04
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-6968738577620513%26slotname%3DSPM_Streamlyn_bongda.com.vn_Desktop_Video_High_VAST%26ad_type%3Dvideo_text_image%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26max_ad_duration%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp
Frame ID: DD7A73463ADDB39C12CBDB9561EFFA83
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Frame ID: 761F73E5A013097DB6D392241F7FC31C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Frame ID: 79A9D02602D90C734FC9F2E0D6684CAE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-9035087792692775%26slotname%3Dsl_bongda.com.vn_vast_dsk%26ad_type%3Dvideo_text_image%26description_url%3Dhttps%253A%252F%252Fwww.bongda.com.vn%252F%26max_ad_duration%3D30000%26sdmax%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp
Frame ID: C6DF5DFE61FE70C7CDE12F6105E587ED
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821
Frame ID: 508D2110ECE94938AD3490BA8E779B7E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8A903389BF91137D3463D148A4672CFD
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Frame ID: 501596ED3713BC89CC2AFD6050FD32DA
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 77CDF02F00EAA4EA424C77977A1C7895
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9201024776293087844
Frame ID: 417FEEBD47573614976C4D197A252CD0
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABdJU7AVWkAABBRG0gBmA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 41968581C540488F3EBF29342F62A3EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6929549352618293398
Frame ID: C868CBE8850E833DC5E1BE447C9A4346
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 178BB18C625FF2681F3ACB60BB50CB23
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: E80A28EC21080C98263AB3696954F2B4
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Frame ID: 376628CFA67F7F9504CBB38338AF54F5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.tinthethao.com.vn/ HTTP 301
https://www.tinthethao.com.vn/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

Page Statistics

600
Requests

99 %
HTTPS

32 %
IPv6

72
Domains

115
Subdomains

81
IPs

13
Countries

8647 kB
Transfer

18637 kB
Size

36
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bongda.com.vn/
Title: Báo bóng đá

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUrfCMHWF5VE_UkM7PDzwUg
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+B%C3%B3ng%C4%90%C3%A1Community/posts
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TinTheThao.com.vn
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tinthethao.com.vn/ HTTP 301
https://www.tinthethao.com.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://ss.yomedia.vn/js/1/160/ads.js HTTP 301
https://ss.yomedia.vn/js/ads.js

Request Chain 111

https://cdn.jwplayer.com/strips/AwMtC3La-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/AwMtC3La-120.vtt

Request Chain 115

https://cdn.jwplayer.com/v2/media/AwMtC3La/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/dcm4cf32-720.jpg

Request Chain 141

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1613411428557&ns_c=UTF-8&cv=3.5&c8=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&c7=https%3A%2F%2Fwww.tinthethao.com.vn%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1613411428557&ns_c=UTF-8&cv=3.5&c8=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&c7=https%3A%2F%2Fwww.tinthethao.com.vn%2F&c9=&cs_ak_ss=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1

Request Chain 209

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YCq0ZaIjSqRWhfO7Y2KxQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1

Request Chain 212

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YCq0ZaIjSqRWhfO7Y2KxQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1

Request Chain 215

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YCq0ZaIjSqRWhfO7Y2KxQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFK9XOv1YPQX_aftf10p4r0&google_cver=1

Request Chain 277

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyNjkzNDI1NjYwODQyOTY2OA%3D%3D

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5R2gxs9lv3Gq4LBOKCcL0&google_cver=1

Request Chain 279

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjA0MzNkMmQtNjQwNi0yMzFmLWYyNWYtYjcxNjM1MGYyOGFi

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_sc&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIycXJ0tal-tgfHRoheoRhw&google_cver=1

Request Chain 289

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZhNTgxYzJiZDM2Y2UwNTdjYzU3MDg5ZWQ2OTVjZWFmMWE5N2U0Yg==

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_sc&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEIOfOxDk5a92TJgvYesp7yE&google_cver=1

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b6808a0-6fb6-11eb-9490-197e22df1606

Request Chain 294

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=4b35009f-6fb6-11eb-a89f-1f0541443006 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2

Request Chain 295

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1 HTTP 302
https://googleads.g.doubleclick.net/xbbe/match?xid=E0

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b440226-6fb6-11eb-9849-14e583301806

Request Chain 297

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=4b375a8a-6fb6-11eb-af4c-141484333906 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2

Request Chain 298

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1 HTTP 302
https://googleads.g.doubleclick.net/xbbe/match?xid=E0

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEG1oa9ForBYFgMMd5zm1EEQ&google_cver=1

Request Chain 304

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEPPIUcPCUYudC2uNXMWUOug&_origin=1&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPPIUcPCUYudC2uNXMWUOug&_origin=1&google_cver=1&apid=UP4b33a9a5-6fb6-11eb-a202-062a41297586

Request Chain 305

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP4b33a9a5-6fb6-11eb-a202-062a41297586 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0YjMzYTlhNS02ZmI2LTExZWItYTIwMi0wNjJhNDEyOTc1ODY%3D

Request Chain 306

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xR1FhSGxOMWwyWXJkSU5saTV0bGpDbWJiWlhkVFg0dA%3D%3D

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_sc&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAsPkHGG6zK62MHiRA7aGtQ&google_cver=1

Request Chain 311

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmMxM2Y3NTc2OGM0OTM3MGEzODg4NGZlMjdhMzIzOTM=&gdpr=0&gdpr_consent=

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1

Request Chain 313

https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=ODk0MTQxMTIxMzU5NTM4MTQ0MQ== HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1

Request Chain 359

https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=3765720953986&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=3765720953986&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 360

https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=8847694358455&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=8847694358455&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 381

https://cct.connects.ch/tpv.php?t=116827V1869151989B&subid=86781900196382800710164011506028 HTTP 302
https://cct.connects.ch/images/spacer.gif

Request Chain 386

https://cct.connects.ch/tpv.php?t=116827V1869151989B&subid=15486100244936000710152011506001 HTTP 302
https://cct.connects.ch/images/spacer.gif

Request Chain 389

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=31603600207147300710152011506012&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=4bdae5e0-6fb6-11eb-975f-692d0f3afe45&v=11482&r=414915&q=346449&s=2246541&viewref=31603600207147300710152011506012&pv=1 HTTP 302
https://www.conrad.ch/ztpv.php?insert=AW

Request Chain 390

https://www.awin1.com/cshow.php?s=2524213&v=11690&q=377451&r=414915&pref1=31603600207147300710152011506012&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=4bdabed0-6fb6-11eb-b15c-692d064d6d31&v=11690&r=414915&q=377451&s=2524213&viewref=31603600207147300710152011506012&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=bcFmSNwtSyFj8cl6fn8v8CX8&pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV00ID HTTP 302
https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Request Chain 392

https://cct.connects.ch/tpv.php?t=116827V1410150335B&subid=31603600207147300710152011506012 HTTP 302
https://cct.connects.ch/images/spacer.gif

Request Chain 395

https://cct.connects.ch/tpv.php?t=116827C1507143201M&subid=71761100242143300710156011506017 HTTP 302
https://cct.connects.ch/public/12/images/1x1.gif?x=1&lea_source=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017

Request Chain 396

https://www.awin1.com/cshow.php?s=2520058&v=9306&q=377095&r=414915&pref1=71761100242143300710156011506017&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=Grv3XWaQiME2c3i18P5mgkhg&pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV00ID HTTP 302
https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID

Request Chain 397

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=71761100242143300710156011506017&pv=1 HTTP 302
https://www.conrad.ch/ztpv.php?insert=AW

Request Chain 411

https://cct.connects.ch/tb.php?t=116827V1869151989B&subid=86781900196382800710164011506028 HTTP 302
https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg

Request Chain 412

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=86781900196382800710164011506028&pv=0 HTTP 302
https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png

Request Chain 418

https://cct.connects.ch/tb.php?t=116827V1869151989B&subid=15486100244936000710152011506001 HTTP 302
https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg

Request Chain 419

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=15486100244936000710152011506001&pv=0 HTTP 302
https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png

Request Chain 422

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cver=1&google_push=AQvitUISxN53o94uqgNOGEK5ZAA41xD9LVDByCStrtSrEm64l95latdHfk6j0046HkZ6QTKFc4e2xwnztHyn1NbCAWA3rMIDZTL0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cver=1&google_push=AQvitUISxN53o94uqgNOGEK5ZAA41xD9LVDByCStrtSrEm64l95latdHfk6j0046HkZ6QTKFc4e2xwnztHyn1NbCAWA3rMIDZTL0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2FYTTg1c3ExTGJJMTE1&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cver=1&google_push=AQvitUISxN53o94uqgNOGEK5ZAA41xD9LVDByCStrtSrEm64l95latdHfk6j0046HkZ6QTKFc4e2xwnztHyn1NbCAWA3rMIDZTL0

Request Chain 423

https://px.adhigh.net/p/gm/rub?google_gid=CAESEFcTLuqCOUiNYnKVNYxadOA&google_cver=1&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g HTTP 302
https://px.adhigh.net/p/gm/rub?google_gid=CAESEFcTLuqCOUiNYnKVNYxadOA&google_cver=1&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g&bounced=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g&google_hm=ZOjq8bM-LosAAikABlF3ptB3Gw%3D%3D

Request Chain 425

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtFaHDKME7Ba6h4pmfdt_M&google_cver=1&google_push=AQvitUKZzCVbQHTsffUAcYKma-M5AGEg1ZDnIR0_c4Hk6e7ny2i-xGvlkJYGouQOEl_TBRb_hkMTaF3hnZgatqgYMZtMN2IJoOQ-kA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w2VklDN08tRS1NRTVI&google_push=AQvitUKZzCVbQHTsffUAcYKma-M5AGEg1ZDnIR0_c4Hk6e7ny2i-xGvlkJYGouQOEl_TBRb_hkMTaF3hnZgatqgYMZtMN2IJoOQ-kA

Request Chain 426

https://match.360yield.com/match/ebda?google_gid=CAESEPbI5MCkxqK2ySSVVd4ormI&google_cver=1&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyEtzT6QNpdiFVblw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPbI5MCkxqK2ySSVVd4ormI&google_cver=1&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyEtzT6QNpdiFVblw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EhMl2MiPSO66QQkxHymHbA&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyEtzT6QNpdiFVblw

Request Chain 427

https://cs.media.net/cksync?type=g&google_gid=CAESEAixW4KEfoAwMR9WHUqkhBc&google_cver=1&google_push=AQvitUJnDIGpGaD_u95MB0Nfi_FicvAL9uSEMq8uZKIwXAcmTqCo9UqEqnoE4jx7Ys78kjjbcgWksXq8H0RsV6ZY2tdKJEi_9tUG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&mn_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJnDIGpGaD_u95MB0Nfi_FicvAL9uSEMq8uZKIwXAcmTqCo9UqEqnoE4jx7Ys78kjjbcgWksXq8H0RsV6ZY2tdKJEi_9tUG

Request Chain 430

https://cct.connects.ch/tb.php?t=116827V1410150335B&subid=31603600207147300710152011506012 HTTP 302
https://www.adtracker.ch/upload/Zizzz/Bilder/pied120x60.jpg

Request Chain 431

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=31603600207147300710152011506012&pv=0 HTTP 302
https://www.conrad.ch/affiliate/scripts/aktionsbanner/cch_initialise_affiliate_banner.php?width=120&height=060&language=fr HTTP 302
https://www.conrad.ch/affiliate/banner/classic/120x060fr.gif

Request Chain 434

https://cct.connects.ch/tb.php?t=116827V1507143181B&subid=71761100242143300710156011506017 HTTP 302
https://www.adtracker.ch/upload/haushobby/banner/Logo/Logo120x60.jpg

Request Chain 436

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=71761100242143300710156011506017&pv=0 HTTP 302
https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg

Request Chain 512

https://streamlyn-d.openx.net/v/1.0/av?auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480 HTTP 302
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 514

https://streamlyn-d.openx.net/v/1.0/av?auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480 HTTP 302
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTE1YzA3NzUtNjgyNi02MjE1LTYzZDEtYWU2YTZjZjk3MGYx

Request Chain 516

https://streamlyn-d.openx.net/v/1.0/av?auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480 HTTP 302
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480

Request Chain 517

https://streamlyn-d.openx.net/v/1.0/av?auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480 HTTP 302
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480

Request Chain 545

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9201024776293087844

Request Chain 546

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZEpVN0FWV2tBQUJCUkcwZ0JtQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABdJU7AVWkAABBRG0gBmA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABdJU7AVWkAABBRG0gBmA&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABdJU7AVWkAABBRG0gBmA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 547

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6929549352618293398

Request Chain 548

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HBzvPTt8Tfqcm63NPvXxbw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 550

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 551

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&addseg=31

Request Chain 552

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUMxQ0VGM0QtM0I3Qy00REZBLTlDOUItQURDRDNFRjVGMTZG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 553

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKax3F9Oa0mYOvoMTJf4TFg&google_cver=1

Request Chain 555

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ede5ef4c-7e32-4781-8c9f-a65a1f047f64

Request Chain 556

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3746267366854243092

Request Chain 557

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0b79602a-b46b-4100-a815-f1e6342bbdfa&gdpr=0&gdpr_consent=

Request Chain 558

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=145551011583213373&gdpr=0&gdpr_consent=

Request Chain 559

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PuzSzyh1l2Kqf..48L0VF1Zd9bTsIbU-&gdpr=0&gdpr_consent=

Request Chain 561

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Qh5PTRYaS09ZH0VJQRpQHUxLHkhZGUkUEUhQxR_j

Request Chain 562

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9808dcd5-dd83-4dd4-9bf9-324caedc58e5&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7c38010-3261-4f3a-9b5a-f4ec7ea9bf60&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 563

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3211985724993871071&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 564

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YCq0bAAAAI6NojoG HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCq0bAAAAI6NojoG&gdpr=0&gdpr_consent=&_test=YCq0bAAAAI6NojoG

Request Chain 565

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=356e956c-836d-428c-a81a-a80a3f2509ed-602ab46c-4348&gdpr=0&gdpr_consent=

Request Chain 566

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ab9927d-b837-4e39-a30a-5d8abb85ea46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

600 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.tinthethao.com.vn/
Redirect Chain

http://www.tinthethao.com.vn/
https://www.tinthethao.com.vn/

146 KB
24 KB

1182ms
470ms

Document
text/html

203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15 / Explus.vn
Resource Hash: f9bad6acca2c3aef0c73a337cd6d0cd25436e3eddf6fd420658397466d336446

Request headers

Host: www.tinthethao.com.vn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: PEN PEN/1.9.15
Date: Mon, 15 Feb 2021 17:50:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Pragma: no-cache
Expires: Tue, 16 Feb 2021 17:50:26 GMT
Cache-Control: max-age=86400 public
User-Cache-Control: max-age=1800
X-Fastcgi-Cache: HIT
X-Powered-By: Explus.vn
Content-Encoding: gzip

Redirect headers

Server: PEN PEN/1.9.15
Date: Mon, 15 Feb 2021 17:50:25 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.tinthethao.com.vn/

GET
H/1.1 200
OK explus.css
www.tinthethao.com.vn/lib/explus/ 13 KB
3 KB 238ms
237ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/lib/explus/explus.css?v=4
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 6ef81792f7482dd06ba78037c906acd84db33cd53928b7d19c40386ecec79134

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-3571"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
www.tinthethao.com.vn/templates/themes/css/ 101 KB
25 KB 489ms
250ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 89d200bef78ea86afd351013402e0904f5bd2bec56baf3422d16f98c66d33b80

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-193f0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.tinthethao.com.vn/templates/themes/css/ 23 KB
6 KB 711ms
239ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/font-awesome.min.css
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 8bb541b69554c2b30196543bcc5d263f297473bb0737a535c6c5872f9cba5772

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-5ca9"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.bxslider.css
www.tinthethao.com.vn/templates/themes/css/ 4 KB
2 KB 711ms
239ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/jquery.bxslider.css
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 8d895000ee1ba62251ceeab5a1d3ab5e0fac8608079a8a0f99d6970f8ec6d1fd

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-113f"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.fancybox.css
www.tinthethao.com.vn/templates/themes/css/ 5 KB
2 KB 711ms
238ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/jquery.fancybox.css
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 2ee19371ad012893f5e8c4fb41fdcf514f467616c7f998a075dee344a48e4f4a

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-133e"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.countdown.css
www.tinthethao.com.vn/templates/themes/css/ 2 KB
1 KB 715ms
238ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/jquery.countdown.css
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: efb06d2d48721404d23c1f20df010d1a12762ccc2811241a2c79fd586441fb66

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-67d"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK exp.custom.css
www.tinthethao.com.vn/templates/themes/css/ 3 KB
2 KB 720ms
237ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/exp.custom.css
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: bf460d887a61227ff59744f65646ae69afb33bbb2ab46898e7bef4b39337dcc6

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-be8"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.tinthethao.com.vn/templates/themes/js/ 91 KB
33 KB 1177ms
465ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.min.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-16bac"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.bxslider.js Show response
www.tinthethao.com.vn/templates/themes/js/ 49 KB
12 KB 956ms
244ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.bxslider.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 745743a8a9e6474567849bf25a3aff52237b09f6fd04047ce46c5cb606ca62fa

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-c514"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.slimscroll.js Show response
www.tinthethao.com.vn/templates/themes/js/ 13 KB
4 KB 962ms
247ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.slimscroll.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 83f62928f16953d39e36ac4b5d9802c3bf4db5b295fbce8fd4cf10992738c0bd

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-3558"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.marquee.min.js Show response
www.tinthethao.com.vn/templates/themes/js/ 5 KB
2 KB 956ms
237ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.marquee.min.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 212a5e44ca5b6b55efb74cfa9c1b557faa09036b54aa8c094558d924ae15c8f9

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-122e"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.fancybox.js Show response
www.tinthethao.com.vn/templates/themes/js/ 48 KB
14 KB 976ms
247ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.fancybox.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 84216ef05b22b7d3e24aa42d78e774b0e28fdb6c759637d0da1d18cc659da02d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-be42"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.countdown.js Show response
www.tinthethao.com.vn/templates/themes/js/ 3 KB
2 KB 1187ms
235ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.countdown.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 31ee2543aa4d659fe783017c93f7a40d58faf6c3972ebbbaae9070e34d0c9dba

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-b33"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
www.tinthethao.com.vn/templates/themes/js/ 4 KB
2 KB 1192ms
235ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/main.js?v=0.0.96
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 3dfcf076a896cba9d38603c426c463afbd39d0651a752eb787e5a5908297f541

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-10bf"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK owl.carousel.min.css
www.tinthethao.com.vn/templates/themes/js/owlcarousel/ 3 KB
1 KB 727ms
236ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/owlcarousel/owl.carousel.min.css?v=0.0.96
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-b78"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK owl.theme.default.min.css
www.tinthethao.com.vn/templates/themes/js/owlcarousel/ 936 B
945 B 950ms
240ms Stylesheet
text/css 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/owlcarousel/owl.theme.default.min.css?v=0.0.96
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-3a8"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.tinthethao.com.vn/templates/themes/js/owlcarousel/ 42 KB
11 KB 1198ms
241ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/owlcarousel/owl.carousel.min.js?v=0.0.96
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-a70e"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
20 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac7ce960fd46569a2ef11c8b430f34117a6019595bebbc5ba7390338815836e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "784 / 264 of 1000 / last-modified: 1613171627"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19505
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:27 GMT

GET
H/1.1 200
OK wssayomUPpbx Show response
cdn.onthe.io/io.js/ 58 KB
18 KB 143ms
54ms Script
text/javascript 116.203.211.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.203.211.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.211.203.116.clients.your-server.de
Software: nginx /
Resource Hash: 0cc21f9a374b591dff2869c4188e7fe2e57cfdd1785887d19e975a018430d4ef

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Dec 2020 09:33:06 GMT
Server: nginx
ETag: W/"5fc75f52-e983"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 16 Feb 2021 17:50:27 GMT

GET
H2 200 bongda.js Show response
embed.dugout.com/v3.1/ 152 KB
49 KB 256ms
225ms Script
text/javascript 2600:9000:2127:4400:18:681:2880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.dugout.com/v3.1/bongda.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4400:18:681:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 989a6a36d38997489d25ae66914d6378576296718749f4b36e96707b07a9d58c

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:26 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: PRG50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-amz-cf-id: iCSd7Nj5RVE9u9eKyapcY-g1eX4OyBxHGBfK_7tXl5wQyho1S8Vefg==
via: 1.1 2a5c925255bb252ff0ed65977311f74f.cloudfront.net (CloudFront)

GET
H/1.1 200
OK logo.png
www.tinthethao.com.vn/templates/themes/images/ 40 KB
40 KB 923ms
497ms Image
image/png 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tinthethao.com.vn/templates/themes/images/logo.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 170de5647ae37bbc876f8ab220d3d7d3a8ba02acb9eea4418cbe824bc851a2b0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-a1be"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo_mobile.png
www.tinthethao.com.vn/templates/themes/images/ 46 KB
44 KB 238ms
238ms Image
image/png 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tinthethao.com.vn/templates/themes/images/logo_mobile.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 68554b471617d6d1cba3574508a526053a358cb7116c682a72e3e6cdc7d86b38

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-b6a0"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hau-truong-crystal-palace-0-7-liverpool-144147jpg.jpg
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/12/24/ 10 KB
10 KB 989ms
566ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/12/24/hau-truong-crystal-palace-0-7-liverpool-144147jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 1a660d77e7cab82d4f18bed0366339657fa4d6df6c16a6d63920b65b5e774cf0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Thu, 24 Dec 2020 07:42:03 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fe4464b-c4eb"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 khoanh-khac-dang-nho-cua-mourinho-trong-ngay-spurs-quat-nga-man-city-111418jpg.jpg
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/28/ 8 KB
8 KB 807ms
384ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/28/khoanh-khac-dang-nho-cua-mourinho-trong-ngay-spurs-quat-nga-man-city-111418jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 80b51edc9434a7bdfdab82f59656de7d56f95c0512a98bc27e833df790c81bf6

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 28 Nov 2020 04:14:19 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fc1ce9b-f722"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 nhung-khoanh-khac-an-tuong-nhat-cua-maradona-tai-barcelona-064141jpg.jpg
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/26/ 13 KB
14 KB 589ms
214ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/26/nhung-khoanh-khac-an-tuong-nhat-cua-maradona-tai-barcelona-064141jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 13d8399e7533f80b63ff5d6e27c8ba3c282463902291fe0f8bcbaba76266dea2

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 23:41:44 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fbeebb8-b3b9"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 nhung-ban-thang-dep-nhat-cua-diego-maradona-o-napoli-063228jpg.jpg
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/26/ 13 KB
13 KB 548ms
532ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/26/nhung-ban-thang-dep-nhat-cua-diego-maradona-o-napoli-063228jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 3ce16951ea7f0e31cba5511bd917e4e9839de2f3bf0a6f4cd34d3466fa72daf6

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 23:32:40 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fbee998-13832"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 tay-ban-nha-an-mung-sau-man-huy-diet-duc-055153png.png
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/19/ 46 KB
46 KB 549ms
533ms Image
image/png 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/19/tay-ban-nha-an-mung-sau-man-huy-diet-duc-055153png.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 4433714910f3c322cde48fd16b6bfa477a5a38ce803a3c9dd59b4babe00c8085

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 22:51:56 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fb5a58c-24f8f4"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/png
cache-control: max-age=315360000
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 man-nhay-flashmob-nong-bong-cua-sinh-vien-hoc-vien-hang-khong-viet-nam-120221.jpg
media.tinthethao.com.vn/resize/186x106/files/news/2020/11/18/ 11 KB
11 KB 548ms
532ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/news/2020/11/18/man-nhay-flashmob-nong-bong-cua-sinh-vien-hoc-vien-hang-khong-viet-nam-120221.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 92ec1bacc8ef133fa936d016ddb3799edaab93f68246fd01ed3927e8cb317240

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 05:02:22 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fb4aade-f8ae"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 henderson-ra-mat-maguire-va-sancho-lap-cong-tuyen-anh-thang-de-ireland-053648jpg.jpg
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/13/ 13 KB
13 KB 548ms
533ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/11/13/henderson-ra-mat-maguire-va-sancho-lap-cong-tuyen-anh-thang-de-ireland-053648jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 18587f12cd72ab563f2e7aa90bdeda9b0ce1d9b196f32a9c459725664c73d19d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 22:36:51 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fadb903-ab62"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 wayne-rooney-lap-sieu-pham-da-phat-vao-luoi-norwich-074449jpg.jpg
media.tinthethao.com.vn/resize/186x106/files/bongda/2020/10/05/ 13 KB
13 KB 548ms
533ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/186x106/files/bongda/2020/10/05/wayne-rooney-lap-sieu-pham-da-phat-vao-luoi-norwich-074449jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 890ce805150809a6528f142a3475d83e14b8216f3beccfe0bfd94ba8a202da45

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 00:44:52 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f7a6c84-24152"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 hoa-ra-man-utd-van-dang-so-huu-mot-lionel-messi-tai-old-trafford-194027jpg.jpg
media.tinthethao.com.vn/resize/550x300/files/bongda/2021/02/15/ 52 KB
53 KB 925ms
566ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/550x300/files/bongda/2021/02/15/hoa-ra-man-utd-van-dang-so-huu-mot-lionel-messi-tai-old-trafford-194027jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 8aa540c1f7efefb32d013bcb5ba31dc24f4fa8e33cc42d7ec75ad365db5f9fbb

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 12:40:29 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a6bbd-12b9c"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H/1.1 200
OK blank.png
www.tinthethao.com.vn/lib/explus/ 3 KB
3 KB 424ms
239ms Image
image/png 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tinthethao.com.vn/lib/explus/blank.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: c67fc26eb61a9d0377f6f375864151ee5dad1c6a130eb953bf68851c721467dd

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-ae8"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0_fbl-eng-pr-man-city-tottenham-2138jpg.jpg
media.tinthethao.com.vn/resize/260x160/files/bongda/2021/02/15/ 18 KB
18 KB 801ms
459ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/260x160/files/bongda/2021/02/15/0_fbl-eng-pr-man-city-tottenham-2138jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: bed4879365b0815d9418e3b4e0fed253962293362fa41dff7ebd06354c9d5559

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 14:41:29 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a8819-8798"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 0_fbl-eng-pr-man-city-tottenham-2138jpg.jpg
media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/15/ 18 KB
18 KB 878ms
566ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/15/0_fbl-eng-pr-man-city-tottenham-2138jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: c0320f0b1e487888522b44765af4556ef289e22af7bf841242970f216c4a5a83

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 14:41:29 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a8819-8798"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 quyet-va-hang-thu-man-utd-giat-da-tang-tuong-lai-11-trieu-voi-milan-184230jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/ 4 KB
4 KB 821ms
509ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/quyet-va-hang-thu-man-utd-giat-da-tang-tuong-lai-11-trieu-voi-milan-184230jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 3e8c12fcb762598984ad186c27da4ab7c4d6c3813416ddb9b0c754819739e3bb

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 11:42:31 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a5e27-2b57d"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 do-la-vi-tri-yeu-nhat-cua-arsenal-182922jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/ 3 KB
3 KB 821ms
509ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/do-la-vi-tri-yeu-nhat-cua-arsenal-182922jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 4e7675e0d22d3ae99502b08762265f77c83073848d9682d3a29a66bbb31a701a

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 11:29:24 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a5b14-28d76"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 chuyen-nhuong-15-02-172806jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/ 4 KB
4 KB 822ms
509ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/chuyen-nhuong-15-02-172806jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 5c7100186822f0edc0758527b6d020fa7ad352dedc61a4720bd331f1dd7e7edf

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 11:24:34 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a59f2-3f94d"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 da-chinh-tran-dau-odegaard-noi-luon-ve-tuong-lai-o-arsenal-180017jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/ 3 KB
3 KB 877ms
565ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/da-chinh-tran-dau-odegaard-noi-luon-ve-tuong-lai-o-arsenal-180017jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 280e124ea35e5b0b98c7f71e9d5e516cfd6ce96ea30e42a92c49eb41e975dd86

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 11:00:18 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a5442-e7f2"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 gary-neville-chi-ra-cai-ten-choi-te-nhat-man-utd-o-tran-hoa-west-brom-172242png.png
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/ 9 KB
10 KB 548ms
533ms Image
image/png 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/15/gary-neville-chi-ra-cai-ten-choi-te-nhat-man-utd-o-tran-hoa-west-brom-172242png.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 361af67dd8fb835b31ec8c810809a4ea07c4dacbf8571b3387cb637429e3c12b

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 10:24:23 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a4bd7-988e5"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/png
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 ho-tan-tai-len-tieng-ve-co-hoi-sang-chau-au-thi-dau-181450jpg.jpg
media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/15/ 16 KB
16 KB 548ms
533ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/15/ho-tan-tai-len-tieng-ve-co-hoi-sang-chau-au-thi-dau-181450jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: cb3caabc3addd6eaedc8f1561e985e4db366dfdd7a598b48bd6d30e27156ead9

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 11:14:52 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a57ac-fe0c"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 chua-nhan-duoc-tien-hlv-fabio-lopez-goi-bau-de-la-ke-doi-tra-181955jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/ 3 KB
3 KB 549ms
533ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/chua-nhan-duoc-tien-hlv-fabio-lopez-goi-bau-de-la-ke-doi-tra-181955jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 4277f5dc049283ecf5e33814c38c88d18b2c5d059b481123b28829747a383c78

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 11:19:56 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"60226fdc-de51"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 hlv-kiatisak-tiet-lo-2-ly-do-dua-den-quyet-dinh-dan-dat-hagl-072534jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/ 3 KB
3 KB 550ms
535ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/hlv-kiatisak-tiet-lo-2-ly-do-dua-den-quyet-dinh-dan-dat-hagl-072534jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: a6172f0b9ed4814026427819a791a90c3a8043b1f77c9b875000f555ceb8aab5

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 00:25:35 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6021d67f-14f79"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 thuc-hu-chuyen-cerezo-osaka-cheo-keo-cong-phuong-181700jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/08/ 4 KB
4 KB 549ms
534ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/08/thuc-hu-chuyen-cerezo-osaka-cheo-keo-cong-phuong-181700jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 3187ad8dd92a7b9980b5a871f1eaa4d1a0a52deaaa04d7ddf83e4fe839467f4e

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 11:17:01 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"60211dad-159b5"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 lee-nguyen-neu-quay-nguoc-thoi-gian-toi-se-chon-khoac-ao-dt-viet-nam-073255jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/08/ 3 KB
3 KB 548ms
533ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/08/lee-nguyen-neu-quay-nguoc-thoi-gian-toi-se-chon-khoac-ao-dt-viet-nam-073255jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: b60bf26093b15366e1cb4094084696ac6dedc9e185dc1980a6f7bfd2e2c45abf

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 00:32:57 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602086b9-116b3"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 thua-kien-clb-thanh-hoa-phai-den-bu-hon-4-ty-dong-cho-2-hlv-italia-174950jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/06/ 3 KB
3 KB 549ms
534ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/06/thua-kien-clb-thanh-hoa-phai-den-bu-hon-4-ty-dong-cho-2-hlv-italia-174950jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 54cb4462aaa70faf025828b8836cbadac37add5f7c78864e4f8d965049d5f2a5

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 06 Feb 2021 10:49:51 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"601e744f-12c94"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 gettyimages-1301046252-2107jpg.jpg
media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/15/ 17 KB
17 KB 549ms
534ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/15/gettyimages-1301046252-2107jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 1f559aa135d5a63964e812c857e7faea321d9f40948eb4188a1e270d3f198d7f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 14:08:48 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a8070-104d8"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 chinh-thuc-ke-upamecano-rb-leipzig-mua-dut-ke-phuc-sinh-thanh-manchester-235918jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/ 3 KB
3 KB 590ms
575ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/chinh-thuc-ke-upamecano-rb-leipzig-mua-dut-ke-phuc-sinh-thanh-manchester-235918jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: a7ce4512e02fd219e86c8a410b90432c90bd8657fdd8fe405b268c683a9bd20e

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sun, 14 Feb 2021 16:59:20 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602956e8-18d4c"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 sandro-1-2342jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/ 3 KB
3 KB 592ms
578ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/sandro-1-2342jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 15e4676d8a2d96ab6bd8192d7bd6b01364d2aa44763927eea2aefc2a362120c9

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sun, 14 Feb 2021 16:48:44 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6029546c-577ad"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 gettyimages-1300898527-2048x2048-2241jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/ 3 KB
3 KB 592ms
577ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/gettyimages-1300898527-2048x2048-2241jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 8f3055562da52f96e131e0501b3d1f4aa87ab9a375f79c5a9d76f4a9dcb11493

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sun, 14 Feb 2021 15:46:20 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602945cc-2b716"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 wenger-toi-da-de-nghi-vardy-rat-nhieu-tien-224545jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/ 3 KB
3 KB 593ms
578ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/wenger-toi-da-de-nghi-vardy-rat-nhieu-tien-224545jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 270487837b123af09a5708fb9aecc1de75caec58291f0644971f6c457fa9d391

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sun, 14 Feb 2021 15:45:46 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602945aa-12279"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 bayerns-record-signings-164144jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/ 3 KB
3 KB 548ms
534ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/14/bayerns-record-signings-164144jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 52ef88ab52addcc358dc551f2e36416ef1a8b80bd2016319aa559040ec8fa2c3

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sun, 14 Feb 2021 13:15:37 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"60292279-180e4"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 nadal-01-2041.jpg
media.tinthethao.com.vn/resize/325x205/files/quan.le/2021/02/15/ 17 KB
17 KB 591ms
577ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/325x205/files/quan.le/2021/02/15/nadal-01-2041.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 36a6262efaaa8946f2468eaa165c96c06aa520b6eb3d7fd2130b63b925020925

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 13:41:19 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a79ff-ee07"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 phong-do-huy-diet-cua-nadal-tai-phap-mo-rong-110839.png
media.tinthethao.com.vn/resize/60x60/files/news/2020/10/03/ 8 KB
9 KB 549ms
534ms Image
image/png 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2020/10/03/phong-do-huy-diet-cua-nadal-tai-phap-mo-rong-110839.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 573241f7831e15a26c6445601a2efbcb5cbf5106db270ee7dc68d5fa1d5eb041

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 03 Oct 2020 04:08:40 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f77f948-12aca7"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/png
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 djokovic-nhan-bai-hoc-dat-gia-vi-tinh-khi-nong-nay-150021.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2020/09/07/ 3 KB
3 KB 548ms
534ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2020/09/07/djokovic-nhan-bai-hoc-dat-gia-vi-tinh-khi-nong-nay-150021.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: a2f58710ab62b290073188aba214d74efa5b84c4bb5b0f6d46a82d1f93068919

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 07 Sep 2020 08:00:22 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f55e896-25307"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 djokovic-xung-dang-bi-loai-khoi-us-open-2020-182703.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2020/11/07/ 3 KB
3 KB 588ms
573ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2020/11/07/djokovic-xung-dang-bi-loai-khoi-us-open-2020-182703.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: f26a1246ce0427931d9a7d6142c6c59a3238cb920996b310b3e023fa9d3628f3

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 07 Nov 2020 11:27:04 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fa68488-11181"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 djokovic-an-han-sau-khi-bi-loai-khoi-us-open-2020-144817.png
media.tinthethao.com.vn/resize/60x60/files/news/2020/09/07/ 8 KB
8 KB 548ms
534ms Image
image/png 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2020/09/07/djokovic-an-han-sau-khi-bi-loai-khoi-us-open-2020-144817.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: fa81764522fc5b3f24fc65ff1147012c4b296557b077b4a1a0248899babba4bf

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 07 Sep 2020 07:48:18 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f55e5c2-22873e"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/png
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 djokovic-nadal-01-1932.jpeg
media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/07/ 4 KB
4 KB 592ms
578ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/07/djokovic-nadal-01-1932.jpeg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: da383cd0d1854b8c57d5a98ac28db6492422521d7be8b764dafaaef62d0b0e0d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 12:32:22 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f046b56-c65a"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 lich-thi-dau-nba-16-2-thuong-dinh-dong--tay-clippers-nets-cho-dac-loi-151258.jpg
media.tinthethao.com.vn/resize/325x205/files/news/2021/02/15/ 34 KB
34 KB 589ms
575ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/325x205/files/news/2021/02/15/lich-thi-dau-nba-16-2-thuong-dinh-dong--tay-clippers-nets-cho-dac-loi-151258.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 8af6cb5c3e27168ac25e648bd9434564c6a14cb086464e4b0d7f9ccaf313f511

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 08:12:58 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a2d0a-20327"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 ket-qua-nba-13-2-lakers-tiep-da-thang-a-than-lai-guc-nga-024529.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2021/02/14/ 4 KB
4 KB 549ms
535ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2021/02/14/ket-qua-nba-13-2-lakers-tiep-da-thang-a-than-lai-guc-nga-024529.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 24809915b6c3835b11dc7733ef56225b4d0559e40231c3ed30f7e38738444ef9

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 13 Feb 2021 19:45:30 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"60282c5a-49742"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 lich-thi-dau-nba-13-2-a-than-co-can-duoc-jazz-lakers-ngu-ong-dac-loi-003349.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2021/02/13/ 4 KB
4 KB 592ms
578ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2021/02/13/lich-thi-dau-nba-13-2-a-than-co-can-duoc-jazz-lakers-ngu-ong-dac-loi-003349.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 8ec125d86a1c7ec76fd4f87b08b81281410b8701688e4284c42413246df0ce83

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 17:33:50 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6026bbfe-1bd7d"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 ket-qua-nba-12-2-76ers-guc-nga-celtics-tim-lai-niem-vui-232427.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2021/02/12/ 3 KB
3 KB 592ms
578ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2021/02/12/ket-qua-nba-12-2-76ers-guc-nga-celtics-tim-lai-niem-vui-232427.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: dc1360d953fefbf534b9cb5f0684934c06b7572679043b3399aaaa480d41b31c

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 16:24:27 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6026abbb-1a79da"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 lich-thi-dau-nba-12-2-doi-cho-curry-76ers-gap-thach-thuc-161050.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2021/02/11/ 3 KB
3 KB 587ms
574ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2021/02/11/lich-thi-dau-nba-12-2-doi-cho-curry-76ers-gap-thach-thuc-161050.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: d1d0b7954da7a6ea0747050ca2c11a7998f05100a627bbe6c5a35323fde64389

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:10:50 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6024f49a-99bb"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 ket-qua-nba-11-2-vat-va-lakers-bucks-lai-guc-nga-152712.jpg
media.tinthethao.com.vn/resize/60x60/files/news/2021/02/11/ 3 KB
3 KB 587ms
574ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/news/2021/02/11/ket-qua-nba-11-2-vat-va-lakers-bucks-lai-guc-nga-152712.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: c2b800deb2f80985c6afec31b2a0111958cbb223f2181c1a2d6adedeecb63998

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 08:27:13 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6024ea61-5106b"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 vovinam-quan-doi-chang-duong-25-nam-gian-kho-va-tu-hao-093549.jpg
media.tinthethao.com.vn/resize/261x165/files/news/2020/12/26/ 22 KB
22 KB 590ms
577ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/261x165/files/news/2020/12/26/vovinam-quan-doi-chang-duong-25-nam-gian-kho-va-tu-hao-093549.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: ddb7f60d92b89ceafc1d6a83e672b00e8195e4a4e3028b67315597bc59180168

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 26 Dec 2020 02:35:50 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5fe6a186-1ba81"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 taekwondo-vn-01-1935.jpg
media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/22/ 3 KB
3 KB 589ms
576ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/22/taekwondo-vn-01-1935.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: eabfba4bea70cd69f6f08d60e233d051ac02ec3b38e7e2727a7500353420463d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 12:35:13 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f183281-fa6a"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 ufc-01-1714.jpg
media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/15/ 4 KB
4 KB 589ms
576ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/15/ufc-01-1714.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: f2668cd7f0a5b5880cd4b038c30bc4677d6cabaaff4658369ef0cf779b0ae2ca

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 10:14:45 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f0ed715-16ff1"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 kamaru-usman-01-2227.jpg
media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/14/ 4 KB
4 KB 590ms
576ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/14/kamaru-usman-01-2227.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 0faea42fd2cf2c8521ff64decf455a422fae2bbcbb402f376b0f1f363fa61d9f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 14 Jul 2020 15:27:45 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f0dcef1-ba78"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 sangarthit-looksaikongdin-01-2221.jpg
media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/14/ 3 KB
3 KB 590ms
576ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/14/sangarthit-looksaikongdin-01-2221.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: edbc64751c4123ad95fffb524a475689b7a8f3d373b32b21162f6a2f5c25ac06

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 14 Jul 2020 15:21:03 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f0dcd5f-121ea"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 usman-01-1733.jpg
media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/12/ 4 KB
4 KB 590ms
577ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/quan.le/2020/07/12/usman-01-1733.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 0faea42fd2cf2c8521ff64decf455a422fae2bbcbb402f376b0f1f363fa61d9f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 10:33:51 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"5f0ae70f-ba78"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 bi-dap-vo-kinh-xe-el-shaarawy-truy-duoi-ten-trom-den-cung-153112jpg.jpg
media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/13/ 22 KB
22 KB 590ms
577ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/261x165/files/bongda/2021/02/13/bi-dap-vo-kinh-xe-el-shaarawy-truy-duoi-ten-trom-den-cung-153112jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 891a3f290e6f010bc48053a7d5c820c8c6e85ba9d4212ea2d55741285e43795f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 13 Feb 2021 08:31:13 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"60278e51-a5fd"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 1602-0831-2336jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/ 3 KB
3 KB 586ms
573ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/1602-0831-2336jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: fdf7263a9db74a048052b867fe0408c151c034dd361288d4032b56586eaea321

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 16:38:18 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6022ba7a-f977"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 soc-sau-1-quyet-dinh-trong-tai-premier-league-phai-don-ra-khoi-nha-222222jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/ 4 KB
4 KB 589ms
576ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/soc-sau-1-quyet-dinh-trong-tai-premier-league-phai-don-ra-khoi-nha-222222jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: b9b49772e65e0417b6e33e047ee91bc1175bfcfbc7fbd606f23d5a7a5778df4c

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 15:22:35 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6022a8bb-3870a"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 ronaldo-va-georgina-tra-tien-dieu-tri-ung-thu-cho-cau-be-7-tuoi-145502jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/ 4 KB
4 KB 587ms
574ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/09/ronaldo-va-georgina-tra-tien-dieu-tri-ung-thu-cho-cau-be-7-tuoi-145502jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: a6926fbab66c866c87ba8b283e15e25826b4458b2acbd86b546bc03ed050e221

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 07:55:03 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"60223fd7-14851"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 huyen-thoai-liverpool-bi-cap-huyen-thoai-manchester-danh-hoi-dong-tren-truong-quay-130759png.png
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/08/ 8 KB
8 KB 589ms
576ms Image
image/png 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/08/huyen-thoai-liverpool-bi-cap-huyen-thoai-manchester-danh-hoi-dong-tren-truong-quay-130759png.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: b51f2d8aac7391a43750f8daaca6a0467d572de947c8fb71de1c98ada78c0f08

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 06:08:00 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"6020d540-52933"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/png
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 tu-beckham-den-ronaldo-tai-sao-noi-cac-cau-thu-bong-da-la-dinh-cao-cua-ve-dep-nam-gioi-140306jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/06/ 2 KB
2 KB 587ms
574ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/06/tu-beckham-den-ronaldo-tai-sao-noi-cac-cau-thu-bong-da-la-dinh-cao-cua-ve-dep-nam-gioi-140306jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: ad75010e1c621f431c2a1644026c64b4963d48d9260b45366de272815e5e260d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 06 Feb 2021 07:03:23 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"601e3f3b-85da"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 gettyimages-1220754459-2048x2048-1039jpg.jpg
media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/06/ 4 KB
4 KB 588ms
575ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/60x60/files/bongda/2021/02/06/gettyimages-1220754459-2048x2048-1039jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 178bf2dca92f3b90869e52828a84b1203fa46fdd7b3fbaf0c9dbeb734b4658bf

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Sat, 06 Feb 2021 03:42:26 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"601e1022-40724"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2

200

ads.js Show response
ss.yomedia.vn/js/
Redirect Chain

https://ss.yomedia.vn/js/1/160/ads.js
https://ss.yomedia.vn/js/ads.js

355 KB
119 KB

1007ms
1006ms

Script
application/javascript

222.255.217.231
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.yomedia.vn/js/ads.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.255.217.231 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 0a5affe1a2a77f2900eb0bec4bf56eb3194bf6cd38daadf16072fdef3a5f7338

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:39:47 GMT
content-encoding: gzip
last-modified: Fri, 10 Jan 2020 06:19:34 GMT
server: nginx
etag: W/"5e181776-58c42"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Tue, 16 Feb 2021 17:39:47 GMT

Redirect headers

location: https://ss.yomedia.vn/js/ads.js
date: Mon, 15 Feb 2021 17:39:47 GMT
server: nginx, cdn-01
x-robots-tag: noindex
content-length: 162
content-type: text/html

GET
H/1.1 200
OK jquery.cookie.js Show response
www.tinthethao.com.vn/templates/themes/js/ 3 KB
2 KB 237ms
237ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/jquery.cookie.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-c44"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.twentytwenty.js Show response
www.tinthethao.com.vn/lib/explus/ 4 KB
2 KB 236ms
235ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/lib/explus/jquery.twentytwenty.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: b4f32f7efa0288c658cda3fb09ec379791531519711d13bc871549243907e8fa

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-e89"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.event.move.js Show response
www.tinthethao.com.vn/lib/explus/ 5 KB
2 KB 244ms
236ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/lib/explus/jquery.event.move.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 0175593691d5cabc8193b916facee8ff24b33d5c9c758e08b65a614f70ff2a05

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-1300"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.exslider.js Show response
www.tinthethao.com.vn/lib/explus/ 2 KB
1010 B 245ms
236ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/lib/explus/jquery.exslider.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 9496ed27ca5b2d8776194a379201b981663f915a3143917dd6a42ce86ce95ab1

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-7a6"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK explus.lazy.js Show response
www.tinthethao.com.vn/lib/explus/ 1 KB
1 KB 245ms
236ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/lib/explus/explus.lazy.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: f7c08a6f1488081a5e7a6999bd734810dbe6e9743773514552acb04412ced2db

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-559"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK explus.dev.js Show response
www.tinthethao.com.vn/lib/explus/ 4 KB
2 KB 246ms
238ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/lib/explus/explus.dev.js?v=2
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 8d4c814862e6b6d2d0a476465250b9f64f9d756eb5b5d09b07786d4e5237e81d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-1033"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK profile.js Show response
www.tinthethao.com.vn/templates/themes/js/ 4 KB
2 KB 707ms
236ms Script
application/javascript 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/js/profile.js?v=2
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 6cf61950f521fd400fe34d5bc708dddf700f9eec48a37df60824ca789aaf0018

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-11f2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
32 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRHFZQN

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5a4535e0d039afc2c84ab8a89dd57dcee470cd0f2d6bd92d1fe59782af18320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32004
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Feb 2021 17:50:28 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 90 KB
29 KB 100ms
41ms Script
application/javascript 23.196.202.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.196.202.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-202-183.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 729a5f58e5c687f4b964fdfc06abfff1497bfabf9161ac45f3128cf6b969179f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5yZL0UzVF6hWBPv_0jQjkJdQOvLo0ENJ
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 07:27:31 GMT
Server: Apache
x-amz-request-id: 0C43D67B53E80792
ETag: "401aea751d44f52454cb89ba28c970c0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=10317
Date: Mon, 15 Feb 2021 17:50:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29547
x-amz-id-2: dfHgha/yUca+wclGDq1lvpE94wAtr+NehH6MMd0HOZGxxC6qKM1hHGkDU3LhyPwKdBQ8JFmomt8=

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/bongdavn-tinthethao/ 93 KB
20 KB 183ms
128ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/bongdavn-tinthethao/loader.js
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 183be476f6994871bcb37a3f978674e6ba8ae87ce84b9d268ddc298514b15cb5

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _JMFQE6mtJdhu1AenHKgxugxyT9pzHlX
content-encoding: gzip
etag: "970c92478c37b0352ec82f5ed284e501"
age: 0
x-cache: HIT
content-length: 20514
x-amz-id-2: dcnIHTl7ND4Lo9QUORkiOxxBvttgQREIjJwGwOp795f/vmz1iR+J9rtaNQHME0qaRl98IQShS8Y=
x-served-by: cache-hhn11557-HHN
last-modified: Thu, 12 Nov 2020 22:00:29 GMT
server: AmazonS3
x-timer: S1613411428.073167,VS0,VE104
date: Mon, 15 Feb 2021 17:50:28 GMT
vary: Accept-Encoding
x-amz-request-id: 02712173701B8A8E
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 60
x-cache-hits: 1

GET
H/1.1 200
OK bg-img.jpg
www.tinthethao.com.vn/lib/explus/ 22 KB
8 KB 425ms
240ms Image
image/jpeg 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tinthethao.com.vn/lib/explus/bg-img.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: deed6a6b4c43763ee1330f0085ffa404fcb6a56662c66ef18c3c82b97f606e03

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-58ab"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK robotoslab-regular.ttf
www.tinthethao.com.vn/templates/themes/css/fonts/ 173 KB
173 KB 440ms
242ms Font
application/octet-stream 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/fonts/robotoslab-regular.ttf
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 6fdd9a4a5d49b517193b7921783fafabbf52ad6580f4e406a522774005a63c11

Request headers

Origin: https://www.tinthethao.com.vn
Referer: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: "5eca9923-2b25c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176732
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.tinthethao.com.vn/templates/themes/css/fonts/ 65 KB
66 KB 441ms
243ms Font
application/octet-stream 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/templates/themes/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://www.tinthethao.com.vn
Referer: https://www.tinthethao.com.vn/templates/themes/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: "5eca9923-10440"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66624
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK OpenSans-ExtraBold.ttf
www.tinthethao.com.vn/templates/themes/css/fonts/ 117 KB
118 KB 688ms
453ms Font
application/octet-stream 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/fonts/OpenSans-ExtraBold.ttf
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: b00772a2ba933c3056e9b3df269f94e36a71cc27b4e6f84e3c2bbaee27a0e04c

Request headers

Origin: https://www.tinthethao.com.vn
Referer: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: "5eca9923-1d420"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119840
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK robotoslab-bold.ttf
www.tinthethao.com.vn/templates/themes/css/fonts/ 175 KB
175 KB 477ms
242ms Font
application/octet-stream 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tinthethao.com.vn/templates/themes/css/fonts/robotoslab-bold.ttf
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 0bc399c514848ed792142c907adeefdc46f9bf2b455355e705082c7bf3640fa0

Request headers

Origin: https://www.tinthethao.com.vn
Referer: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: "5eca9923-2bb34"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 178996
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Sg3n3cge Show response
cdn.jwplayer.com/v2/playlists/ 31 KB
5 KB 49ms
26ms XHR
application/json 2600:9000:2127:ac00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/Sg3n3cge
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ac00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 5a6558ecf886b839d4de2bd8297690cde34a87f4eb0a64673c76f9a8fd378024

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:48:36 GMT
content-encoding: gzip
server: openresty
age: 111
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, max-stale=180
x-amz-cf-pop: PRG50-C1
content-length: 4753
via: 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
x-amz-cf-id: 1HfZyhh6LMkoMjNX4lBJzzTPWqopc6f7kZOEAkhumRJElsURT6fstw==
expires: Mon, 15 Feb 2021 18:08:36

GET
H2 200 pubads_impl_2021021001.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
102 KB 115ms
53ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c11fb9ac4922e75ae9e0a017f41ae36febd8a185834b7bb608e9049ebe68da62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 15:07:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103470
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:28 GMT

GET
H/1.1 200
OK icon_dot_red.png
www.tinthethao.com.vn/templates/themes/images/ 19 KB
5 KB 616ms
237ms Image
image/png 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tinthethao.com.vn/templates/themes/images/icon_dot_red.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 4be142741d327cd1da41abb137cf286e37aabe87e6ecb140b317ec234e77fefb

Request headers

Referer: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-4a99"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 inference.js Show response
ssl.p.jwpcdn.com/player/plugins/inference/v/0.4.0/ 14 KB
5 KB 8ms
5ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/inference/v/0.4.0/inference.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db6098250421a3e3bfd388f05bb99279cc7e1a0cdc6b85990dc56e2a0f1cd3f7

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 2825310
x-cache: HIT
content-length: 4460
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Mon, 03 Aug 2020 07:47:40 GMT
server: AmazonS3
x-timer: S1613411428.008975,VS0,VE0
etag: "fcea36e5dfe9694a95dd68a8dd48ad3b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 97647

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.9/ 69 KB
21 KB 15ms
13ms Script
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.9/googima.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36213828ced246a1cf0a48bd06cc47a85ab14362cd629c02bd1afdebfc76873d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 1620540
x-cache: HIT
content-length: 20931
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Thu, 10 Dec 2020 22:08:09 GMT
server: AmazonS3
x-timer: S1613411428.009129,VS0,VE0
etag: "6240686df4d402b1c25b3334a1af62a1"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 746087

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 57 KB
17 KB 15ms
12ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/jwpsrv.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 119
x-cache: HIT
content-length: 17360
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Mon, 08 Feb 2021 19:59:45 GMT
server: AmazonS3
x-timer: S1613411428.009139,VS0,VE0
etag: "9babdf430d4678f3029506d58b1f0c17"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 623

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 298 KB
76 KB 8ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.core.controls.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 2214526
x-cache: HIT
content-length: 78129
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Fri, 15 Jan 2021 21:39:06 GMT
server: AmazonS3
x-timer: S1613411428.009099,VS0,VE0
etag: "bce8a935003a2164805362d8ad7026a6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1197199

GET
H2 200 vi.json Show response
ssl.p.jwpcdn.com/player/v/8.18.4/translations/ 4 KB
2 KB 21ms
6ms XHR
application/json 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/translations/vi.json
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8a86716505918524f27a25b2a9192cdc958c0b267a7b0c69bbf2aafca7350f8

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:27 GMT
content-encoding: gzip
age: 2159853
x-cache: HIT
content-length: 1558
via: 1.1 varnish
x-served-by: cache-hhn4054-HHN
last-modified: Fri, 15 Jan 2021 21:39:20 GMT
server: AmazonS3
x-timer: S1613411428.912677,VS0,VE1
etag: "822184fdc9744a6e2dafa803d50d1d4f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 384

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1370 97 KB
38 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80588940-15

Requested by

Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

515c36242aeba6b503eab704575caf6f3c811e2cd304de8bfbb889a23fe9b85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39174
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Feb 2021 17:50:28 GMT

POST
H/1.1 200
OK index.wsgi
perf.dugout.com/api/ 0
347 B 213ms
48ms Other
application/json 34.243.35.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perf.dugout.com/api/index.wsgi
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.35.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-35-122.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
Content-Length: 0

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 283 KB
86 KB 20ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:27 GMT
content-encoding: gzip
age: 2638120
x-cache: HIT
content-length: 87594
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Fri, 15 Jan 2021 21:39:09 GMT
server: AmazonS3
x-timer: S1613411428.931717,VS0,VE0
etag: "7ad588058a2b5fbdc9f3b1642b7383fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 878964

GET
H/1.1 200
OK icon_backtop.png
www.tinthethao.com.vn/templates/themes/images/ 4 KB
5 KB 716ms
238ms Image
image/png 203.162.2.86
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tinthethao.com.vn/templates/themes/images/icon_backtop.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.162.2.86 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: PEN PEN/1.9.15, tinthethao.com.vn /
Resource Hash: 4041728fa75c0c0473909ce77e10083124f8253679c712f27015ee59f03f90e5

Request headers

Referer: https://www.tinthethao.com.vn/templates/themes/css/style.css?v=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2020 15:56:19 GMT
Server: PEN PEN/1.9.15, tinthethao.com.vn
ETag: W/"5eca9923-11cc"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, max-age=31536000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 105ms
33ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42836:uniques_instantly[url:%2F,domain:www.tinthethao.com.vn,page:TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c,language:vi,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:ac512cf8b.561f7eaaa_1613411427970,session_id:2d6eb3ae4.48a93e67b_1613411427971,cdn_version:4]&s=99c8a858968e8e894cae48b0895d1f85&1613411427977
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 120ms
49ms Script
text/html 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=15&holding=093b8ead5768db6b1a7afa2ba99ed05c&hash_user=ac512cf8b.561f7eaaa_1613411427970&1613411427978
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 119ms
45ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42836:visits_instantly[url:%2F,domain:www.tinthethao.com.vn,page:TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c,language:vi,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:ac512cf8b.561f7eaaa_1613411427970,session_id:2d6eb3ae4.48a93e67b_1613411427971,cdn_version:4]&s=99c8a858968e8e894cae48b0895d1f85&__io=ac512cf8b.561f7eaaa_1613411427970&1613411427982
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 106ms
37ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42836:pageviews[url:%2F,domain:www.tinthethao.com.vn,page:TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c,language:vi,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:ac512cf8b.561f7eaaa_1613411427970,session_id:2d6eb3ae4.48a93e67b_1613411427971,cdn_version:4]&s=99c8a858968e8e894cae48b0895d1f85&1613411427988
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRHFZQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1827
date: Mon, 15 Feb 2021 17:20:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 15 Feb 2021 19:20:01 GMT

GET
H2 200 R6zixFK+Eei17gpVuA4vVw.json Show response
entitlements.jwplayer.com/ 70 B
244 B 143ms
28ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/R6zixFK+Eei17gpVuA4vVw.json
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C1D) /
Resource Hash: 58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 15:12:11 GMT
server: ECAcc (mil/6C1D)
age: 9497
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=20880
accept-ranges: bytes
content-length: 75

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 325 KB
112 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114573
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:28 GMT

GET
H2

200

AwMtC3La-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/AwMtC3La-120.vtt
https://assets-jpcust.jwpsrv.com/strips/AwMtC3La-120.vtt

918 B
509 B

9ms
8ms

XHR
text/vtt

2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/AwMtC3La-120.vtt
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d061263c3ecef282e0bc18216d7cc5018e60081705a095ff4a460c8198a0c2d1

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 779
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 203
x-served-by: cache-bwi5147-BWI, cache-hhn4054-HHN
access-control-allow-origin: *
last-modified: Sun, 14 Feb 2021 22:11:18 GMT
server: nginx
x-timer: S1613411428.191653,VS0,VE1
etag: "e62d66cffda20463e9fe058e3c615a2e"
vary: Accept-Encoding
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Mon, 15 Feb 2021 17:48:38 GMT
via: 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
server: openresty
age: 110
location: https://assets-jpcust.jwpsrv.com/strips/AwMtC3La-120.vtt
x-cache: Hit from cloudfront
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: PRG50-C1
content-length: 178
x-amz-cf-id: pAlq7RScMocNCjgR69__dSU-wTy2mf7YnrufblVvf_Pycb-QB__KLQ==

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 106 KB
24 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/related.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 1497771
x-cache: HIT
content-length: 24438
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Fri, 15 Jan 2021 21:39:11 GMT
server: AmazonS3
x-timer: S1613411428.117727,VS0,VE0
etag: "3444ba72502987ef98fe56e85bec1ecd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 733676

POST
H/1.1 200
OK index.wsgi
perf.dugout.com/api/ 0
347 B 149ms
50ms Other
application/json 34.243.35.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perf.dugout.com/api/index.wsgi
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.35.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-35-122.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
Content-Length: 0

POST
H/1.1 200
OK index.wsgi
perf.dugout.com/api/ 0
347 B 166ms
43ms Other
application/json 34.243.35.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perf.dugout.com/api/index.wsgi
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.35.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-35-122.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
Content-Length: 0

GET
H2

200

dcm4cf32-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/AwMtC3La/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/dcm4cf32-720.jpg

57 KB
57 KB

8ms
7ms

Image
image/jpeg

2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/dcm4cf32-720.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c117decc1d8a284b837d08ab7b3215cab65d09848baa1a03beebd69d7b74074

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 548
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 57703
x-served-by: cache-bwi5124-BWI, cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Sun, 14 Feb 2021 22:11:18 GMT
server: nginx
x-timer: S1613411428.191344,VS0,VE1
etag: "09013579eab46665a62bd2f2d32b1f30"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Mon, 15 Feb 2021 17:47:56 GMT
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
server: openresty
age: 152
location: https://assets-jpcust.jwpsrv.com/thumbnails/dcm4cf32-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Hit from cloudfront
x-amz-cf-pop: PRG50-C1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: GRRPge2dli0uBJENrYQnTI-7PFY2nvsoVW8GgUS2h6VtgKqmTqtbCw==

GET
BLOB 206
Partial Content 16da002a-cb40-4d8e-92a1-01151e50b8ab
https://www.tinthethao.com.vn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tinthethao.com.vn/16da002a-cb40-4d8e-92a1-01151e50b8ab
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1370 46 KB
19 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80588940-15

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1827
date: Mon, 15 Feb 2021 17:20:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 15 Feb 2021 19:20:01 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
192 B 28ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=77605875&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ul=en-us&de=UTF-8&dt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1291207470&gjid=2127758700&cid=686921060.1613411428&tid=UA-47573206-1&_gid=1428409089.1613411428&_r=1&gtm=2wg230WRHFZQN&z=2006565845

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 51ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tinthethao.com.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 53ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tinthethao.com.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
56 KB 1079ms
1047ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1962937288070972&correlator=2889672746439624&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060146&vrg=2021021001&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210215&iu_parts=424536528%2C1400157_tinthethao.com.vn_pc_ld1%2C1270588_tinthethao.com.vn_300x250_AdX%2C1401423_tinthethao.com.vn_PC_MR2%2C1400153_tinthethao.com.vn_pc_mr3%2C1400163_tinthethao.com.vn_pc_hp1%2C1400165_tinthethao.com.vn_pc_hp2%2C1400159_tinthethao.com.vn_pc_ld2%2C1400162_tinthethao.com.vn_pc_ld3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C300x600%2C728x90%2C728x90&cust_params=Topic_ID%3D%26Page%3DHomepage&cookie_enabled=1&bc=31&abxe=1&lmt=1613411428&dt=1613411428247&dlt=1613411426521&idt=1676&frm=20&biw=1600&bih=1200&oid=3&adxs=225%2C1075%2C1075%2C1075%2C1075%2C1075%2C225%2C225&adys=916%2C118%2C376%2C1929%2C657%2C2179%2C1457%2C2439&adks=3936664330%2C1378114590%2C1927958951%2C2222888496%2C2278927287%2C587447584%2C1970284155%2C2403303699&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=830x90%7C300x250%7C300x250%7C300x250%7C300x600%7C300x600%7C830x90%7C830x90&msz=830x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C830x-1%7C830x-1&ga_vid=686921060.1613411428&ga_sid=1613411428&ga_hid=77605875&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=830%2C300%2C300%2C300%2C300%2C300%2C830%2C830

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6a03aa20c736b63c5e4e4964d00495c022b76f7a6bdc283f1014f06bfecd089b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57006
x-xss-protection: 0
google-lineitem-id: -1,5532625159,-1,-1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138329735276,-1,-1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
15ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 24ms
5ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 148 KB
49 KB 708ms
679ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d4e9198352fbd31bea1281d71242cb6d7ead832aba9dc03e0c2ee2b297298108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49119
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-47573206-1&cid=686921060.1613411428&jid=1291207470&gjid=2127758700&_gid=1428409089.1613411428&_u=YEBAAEAAAAAAAC~&z=409777748

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Feb 2021 17:50:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 37ms
37ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42514:uniques_holding&s=99c8a858968e8e894cae48b0895d1f85&__io=ac512cf8b.561f7eaaa_1613411427970&1613411428298
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 bridge3.440.1_vi.html Show response
imasdk.googleapis.com/js/core/ Frame 6F88 577 KB
189 KB 32ms
18ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755af32ee858e1c11ee9e1e81e29655ab3f14f6f2f0411366493e00fb54922e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.440.1_vi.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193052
date: Fri, 12 Feb 2021 04:50:40 GMT
expires: Sat, 12 Feb 2022 04:50:40 GMT
last-modified: Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 305988
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:28 GMT

GET
H2 200 AwMtC3La.m3u8 Show response
cdn.jwplayer.com/manifests/ 2 KB
851 B 26ms
25ms XHR
application/vnd.apple.mpegurl 2600:9000:2127:ac00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/manifests/AwMtC3La.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ac00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 9f42657eddfb2078f946db4672ac089931aa8a55587ad36578b271361ae19ab4

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:49:58 GMT
content-encoding: gzip
server: openresty
age: 30
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, max-stale=180
x-amz-cf-pop: PRG50-C1
content-length: 482
via: 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
x-amz-cf-id: ap1AcWKvOgB2D0XTVVEWpc2xv04K5ZNQ4EIAmATZgOrC7H7UC_gcbA==
expires: Mon, 15 Feb 2021 17:59:58 GMT

GET
H2 200 6gIrlXhn.png
assets-jpcust.jwpsrv.com/watermarks/ 3 KB
3 KB 6ms
6ms Image
image/png 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/watermarks/6gIrlXhn.png
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a94715be582708ec5e6fa222cb6542b797ddec6d07cfb17db69a8ab734c885

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
age: 832
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 2463
x-served-by: cache-bwi5147-BWI, cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 17 Jun 2020 15:27:03 GMT
server: nginx
x-timer: S1613411428.346772,VS0,VE0
etag: "b8064706f1589298eccb44c8db8524ae"
vary: Accept-Encoding
content-type: image/png
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 163

GET
H2 200 impl.20201112-29-RELEASE.js Show response
cdn.taboola.com/libtrc/ 448 KB
103 KB 27ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201112-29-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/bongdavn-tinthethao/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2fa17f015cf277da3cb447f44056e23f82f0dcee8cdd706932b4c16041a75d7a

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jmdcqaEUbTRoDwh2YZWduS8kIcIiX.7_
content-encoding: br
etag: "6661a58633cc5ba5057fd5c86acb9b17"
age: 22169
x-cache: HIT
content-length: 105222
x-amz-id-2: GHD/VGnCGKUEGMMVTA1p5U1Js0XvmJE7srIhHrjaQPP9J77dvWRdkVlSR9buiq+UozELVQ/5ZqQ=
x-served-by: cache-hhn11557-HHN
last-modified: Thu, 12 Nov 2020 21:32:22 GMT
server: AmazonS3-br
x-timer: S1613411428.377476,VS0,VE0
date: Mon, 15 Feb 2021 17:50:28 GMT
vary: Accept-Encoding
x-amz-request-id: 630EC3422C67E90D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 4
x-cache-hits: 193

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 86ms
27ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/bongdavn-tinthethao/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 16 Feb 2021 17:50:28 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame 1370 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1659437635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&dp=%2Fbongda%2F&ul=en-us&de=UTF-8&dt=AOP&sd=24-bit&sr=1600x1200&vp=&je=0&_u=gCCAAUABAAAAAC~&jid=1531798221&gjid=1471341275&cid=686921060.1613411428&tid=UA-80588940-15&_gid=1428409089.1613411428&_r=1&cd1=s&gtm=2ou230&z=803451530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
283 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-47573206-1&cid=686921060.1613411428&jid=1291207470&_u=YEBAAEAAAAAAAC~&z=1915219496

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 55ms
29ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-47573206-1&cid=686921060.1613411428&jid=1291207470&_u=YEBAAEAAAAAAAC~&z=1915219496

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AwMtC3La-31852314.mp4.m3u8 Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 449 B
1 KB 88ms
70ms XHR
application/x-mpegurl 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4.m3u8?token=602ade76_2b84d5fdf8bec1022e03a9baec4b17fad9dd52d9
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc17c931470859dfa899364e3a7789f0dd7561ed79614ba13e8b825b21695ee

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48486
x-cache: HIT, HIT
fastly-stats: otfp=1
cf-request-id: 084869c0430000175a6c2e9000000001
x-served-by: cache-bwi5165-BWI, cache-fra19132-FRA
server: cloudflare
x-timer: S1613362943.794074,VS0,VE1
etag: W/"fKrJ_qJ7FbltZVzsRNyFBPSjicjT7rqR3jlLYqjLkEaScL3f-nOGhZkU8XKbeDJpmbaoATBo0Go2zkuJ5GKx_iX1cg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-mpegurl
access-control-allow-origin: *
cf-ray: 6220df139b42175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ Frame 1370 4 B
428 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-80588940-15&cid=686921060.1613411428&jid=1531798221&gjid=1471341275&_gid=1428409089.1613411428&_u=gCCAAUAAAAAAAC~&z=999902062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Feb 2021 17:50:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ Frame 1370 42 B
261 B 30ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-80588940-15&cid=686921060.1613411428&jid=1531798221&_u=gCCAAUAAAAAAAC~&z=1992068916

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ Frame 1370 42 B
483 B 59ms
44ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-80588940-15&cid=686921060.1613411428&jid=1531798221&_u=gCCAAUAAAAAAAC~&z=1992068916

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AwMtC3La-31852314.mp4-1.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 235 KB
236 KB 29ms
29ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cae3b3f2b233ba32ba6dbcf88e29b72ed608cc9386e9c30480c9f931cf414ff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48485
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 241016
cf-request-id: 084869c0c80000175a00814000000001
x-served-by: cache-bwi5144-BWI, cache-fra19120-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362943.212083,VS0,VE1
etag: "8vURJz8kVKPPtOV_nuRHj1fQ3c7mGkGrqVGRfLYZ_tblQSl5Zp3lTvxLCIM6OfAU7KK1MvgnkQUnDKr6U-7W7ln6pQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=0.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df147d46175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1613411428557&ns_c=UTF-8&cv=3.5&c8=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&c7=https%3A%2F%2Fwww.tinthethao.com.vn%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1613411428557&ns_c=UTF-8&cv=3.5&c8=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&c7=https%3A%2F%2Fwww.tinthethao.com.vn%2F&c9=&...

0
528 B

27ms
27ms

Image
text/plain

2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1613411428557&ns_c=UTF-8&cv=3.5&c8=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&c7=https%3A%2F%2Fwww.tinthethao.com.vn%2F&c9=&cs_ak_ss=1
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1613411428557&ns_c=UTF-8&cv=3.5&c8=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&c7=https%3A%2F%2Fwww.tinthethao.com.vn%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:28 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK feb4ec30-94b3-4409-b096-b83f493b04e9
https://www.tinthethao.com.vn/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tinthethao.com.vn/feb4ec30-94b3-4409-b096-b83f493b04e9
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b8ca1623acd98684d5e22a539cf1fc6d904cd32a9d5f76b0e1023695d6ad1db

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 62005
Content-Type: text/javascript

GET
H2 200 AwMtC3La-31852314.mp4-2.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 241 KB
242 KB 20ms
19ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-2.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2600e99d77be0a3c0c4a654adfd43b3be06f7e6de54db1a5222ca2df93098d03

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48482
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 247032
cf-request-id: 084869c1120000175a6c2fa000000001
x-served-by: cache-bwi5168-BWI, cache-fra19175-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362946.116413,VS0,VE1
etag: "7IIA_r4FCFuG5zA7xRbUDqnerGJZ6TiyR2sdWbW9PRXdpsC62XWqTrtbxcWI2CGmi5ugd-ab1zVoLDeWwBhSCVp5yw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=4.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df14ee5e175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

POST
H/1.1 200
OK index.wsgi
perf.dugout.com/api/ 0
347 B 44ms
43ms Other
application/json 34.243.35.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perf.dugout.com/api/index.wsgi
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/bongda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.35.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-35-122.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Feb 2021 17:50:28 GMT
Server: Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
Content-Length: 0

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame 1370 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1659437635&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&dp=%2Fbongda%2F&ul=en-us&de=UTF-8&dt=AOP&sd=24-bit&sr=1600x1200&vp=&je=0&ec=plays&ea=play&_u=iCCAAUABAAAAAC~&jid=&gjid=&cid=686921060.1613411428&tid=UA-80588940-15&_gid=1428409089.1613411428&cd1=s&gtm=2ou230&z=1609249929

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 01:22:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59249
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame 1370 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1659437635&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&dp=%2Fbongda%2F&ul=en-us&de=UTF-8&dt=AOP&sd=24-bit&sr=1600x1200&vp=&je=0&ec=plays&ea=play&_u=iCCAAUABAAAAAC~&jid=&gjid=&cid=686921060.1613411428&tid=UA-80588940-15&_gid=1428409089.1613411428&cd1=s&gtm=2ou230&z=1882879539

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 01:22:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59249
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/tinthethao.com.vn/ 584 B
961 B 1110ms
275ms Script
text/javascript 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/tinthethao.com.vn/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

288a77d469c1b48182f9f651a2eacd5c24e294ddfeb424be8e94ef1faa8fb0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"248-ah6mpiys+0XcskGbjm8g0fhoXq4"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 347

GET
H2 200 antonio-rudiger-talks-fighting-for-his-chelsea-place-life-under-thomas-tuchel-and-facing-newcastle-215610jpg.jpg
media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/ 11 KB
11 KB 242ms
238ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/antonio-rudiger-talks-fighting-for-his-chelsea-place-life-under-thomas-tuchel-and-facing-newcastle-215610jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 4dc9501fc7c3d995325efe579d708bd38c7eba9dd9e4fdc7ac8698c8a5f33984

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 15:56:54 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a99c6-17c7b"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 the-flash-xuat-hien-hang-thu-mu-vo-vun-va-nhung-hinh-anh-an-tuong-nhat-214734jpg.jpg
media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/ 11 KB
11 KB 242ms
239ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/the-flash-xuat-hien-hang-thu-mu-vo-vun-va-nhung-hinh-anh-an-tuong-nhat-214734jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 4b7b4d87f414f0760e70f1ab82298dc30ca1e01752c77f1f368c20b7008053ea

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 14:55:14 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a8b52-1e283"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 3-dieu-rut-ra-sau-tran-west-brom-1-1-man-utd-solskjaer-da-qua-bao-thu-185200jpg.jpg
media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/ 7 KB
7 KB 241ms
238ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/3-dieu-rut-ra-sau-tran-west-brom-1-1-man-utd-solskjaer-da-qua-bao-thu-185200jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: b2a4b0d954e5af56988ae5f9346629211ce3a3d2fb99a75b360d1acb30ef6c17

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 12:32:23 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a69d7-94be"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 chuyen-nhuong-15-02-172806jpg.jpg
media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/ 12 KB
13 KB 241ms
239ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/chuyen-nhuong-15-02-172806jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 7f8fc8ff8bacccb5869b10a96a29a2508421c5d3f3c1f03a5a9b978c41541711

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 11:24:34 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a59f2-3f94d"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 man-utd-da-lo-ro-tu-huyet-can-buoc-vo-dich-mua-nay-201118jpg.jpg
media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/ 12 KB
12 KB 241ms
239ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/man-utd-da-lo-ro-tu-huyet-can-buoc-vo-dich-mua-nay-201118jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: a7985fd3c7165c368c96f0c2986d7bb358c9a45c171c773ef21a2c6dbeddc96a

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 13:11:19 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a72f7-15705"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 5-ung-vien-thay-the-jurgen-klopp-dan-dat-liverpool-155057jpg.jpg
media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/ 11 KB
11 KB 241ms
239ms Image
image/jpeg 103.90.220.90
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tinthethao.com.vn/resize/172x118/files/bongda/2021/02/15/5-ung-vien-thay-the-jurgen-klopp-dan-dat-liverpool-155057jpg.jpg
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.90 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: PEN PEN/1.9.15 /
Resource Hash: 21040973829f81a2e5fbbf8cb5ec81f8a4f335e6995522722cb8162e913cd795

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Feb 2021 17:50:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 08:51:05 GMT
server: PEN PEN/1.9.15
age: 0
etag: W/"602a35f9-166bd"
vary: Accept-Encoding
x-cache: HIT from da09.vn07.swiftserve.com:443
content-type: image/jpeg
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
alt-svc: h2="85.217.188.5:443"; ma=900
expires: Wed, 17 Mar 2021 17:50:28 GMT

GET
H2 200 AwMtC3La-31852314.mp4-3.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 241 KB
242 KB 23ms
23ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-3.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0643bc9da1b3a8a07e3d923c8a9d5d991daf16f4f43b620e7cb705d56009a2a

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48480
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 247032
cf-request-id: 084869c1d00000175a618a6000000001
x-served-by: cache-bwi5137-BWI, cache-fra19177-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362948.063380,VS0,VE1
etag: "XBeSr-20-_cp_LesZKG618RiXzbMuCcvFjYgHsfpcsdoNYgOE0UqVx3YxHOFj3NC2dOYoUD-U6QM8lYqz8ZCN35rFA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=8.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df161977175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 AwMtC3La-31852314.mp4-4.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 206 KB
206 KB 46ms
46ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-4.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59d3666fcf3accd1ff581a9a5d3b0b3c98dcb58ba34615f43f63de7f04175578

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48479
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 210936
cf-request-id: 084869c2050000175a1f189000000001
x-served-by: cache-bwi5171-BWI, cache-fra19145-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362950.666115,VS0,VE1
etag: "dLn2-qOsdJtp1GEbEF2iRgE7bzW2iMXnzl1ssDdHDlbKdBDkVPIlXb3Los5Z4S85GVJVfJ4ZrG3QfhEGJsYUi-4B2A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=12.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df166a50175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 AwMtC3La-31852314.mp4-5.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 218 KB
218 KB 30ms
29ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-5.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2affeb3b55470c2ae097bd24d99a147b3f4f15e5dae11791ca65fbb56a7f588

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48477
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 222968
cf-request-id: 084869c2400000175a618b4000000001
x-served-by: cache-bwi5177-BWI, cache-fra19170-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362951.003406,VS0,VE1
etag: "a68TVVxCjbLMm3SIpUNVGDStL-XbboTdL_62ot9E_tkdyThKUyomiFPui3mxS8gM7MyW4ay0Z17PS3Y--7WI1K2lfQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=16.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df16cb8e175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 AwMtC3La-31852314.mp4-6.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 247 KB
248 KB 22ms
22ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-6.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695c8e89ab595e79ba710cf65ca87055fbe9f88f2ae142fdd8a522e75608d968

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48476
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 253048
cf-request-id: 084869c2690000175a618ba000000001
x-served-by: cache-bwi5149-BWI, cache-fra19130-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362952.277559,VS0,VE1
etag: "lpi0OFrEU656IBAmJkF0gdBRrRgJBpYdgmYLsm3lsorHhSc06lWf1xeJ_NoIuK-Dbxpe1ytpnMhnS6wlUwxvrLvI_A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=20.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df170c68175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4F4B 6 KB
3 KB 37ms
22ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7489 6 KB
3 KB 29ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 40E2 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 63ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H2 200 AwMtC3La-31852314.mp4-7.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 191 KB
192 KB 27ms
27ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-7.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea231eeb5e4be804f2331132480409aa44257df0f5ccceb32f4a432556aa1d6

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48476
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 195896
cf-request-id: 084869c2c60000175a6c328000000001
x-served-by: cache-bwi5127-BWI, cache-fra19131-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362954.596332,VS0,VE1
etag: "O5qVbzeBweoUmjM1y08LcSshC47bvX-j5p2533XMNavMbF3LZrgTuU1ICcWOSN1ppI5hBqH8uRJMJ8OFZEhGjZo8dA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=24.000 sl=4.000 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df17ade7175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 280E 510 B
517 B 60ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlY7tJZHe2n3Ameagdh_5Q646ofdLUXf1oc0x-IIUfVEp0iK7XdLNqroVgU; expires=Sat, 12-Mar-2022 17:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 7489 18 KB
8 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:00 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 7489 5 KB
2 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 16:46:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7489 0
56 B 128ms
67ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX-OpGn1pLuUjj3sMm_bRj2VmxTYT6xOAmuaGU4YEozHB8WDplO-D_E-PzU-HfADjvQFSs8P90pRiQ24KpgP3xnW8h9uLNeMO7U9sejrjvGBWb3y4bz1wIlMC55Qzue59E7BzouhY8ULr8w_jI9_nPVTWefCcl7I1oFlNRnxZCy7DQS7eMn9_iVa3d9MuecoEHlNKmvJEKyieLA2M79oRXgdNe3AXnK4X1UlwyR-zfKLbajy5t2kZnFpJtJwiN_14rZ0lQ0UMYPrBv42sr0sAO2dme9O63Zj9V7RkDNYMoNL8XkBagKPvPe5aaAN3nEhJmNCg_tqPaKJUnmmA8Jb71gOWfQmv51E2y-NlZT3RjcgY9-xz5dVbUpemTrzpr7DqD1SEus6T67CZbVUe57vP9ciRjVWZLKLqE8EHISyw7WD-lygCIu5qftdNiUU-bHrC18MkdV9vRUs-nueVRAcA_CmEkCxUMHA9Xe4Y-Z16yYMiO_bZLGXEWYFztdX5yC_exvQt7i5u2qx_iPLZ2MCFOm7KMCYldQwtfsVCxTpWRPrkLYiwKLbwi9OecK75r4muacjZWskVX8Nbm_du_doEBRfSwpsmbwUf9nYn7_A7sVZH90CBUDtzd08s3sanTREBocbbneOeWAqQapEQR-5rrP_m_-FkEdP9KEorTswo9wvdnRZ3XoZrQWXvsG7dha_yUCd9OGdJCh_lu3HLfZxltMeaZsZOVrP-DGFJ2Orq4v0rBwUZrNFfgBQ0VsKKl4p6KyNh0oBKb3nxzi-Isorrv4_tATN4d75yjk5W1nJoMgaTGlj9gX8uyHoeFpkqIKOWprOzpU1EDS5-Amz_AzbQXEt0fM1f7TyMQEudeqZfuUtumPMwbcRZYENEdSTkRLHdVeMVrX5n1peZZ8rHPbzGr5t0pbWzlHOaZ5sMHh4skz8k7BUMa7V2wjeyMD_Dkldq4wi6puFDfWeGnW2gPZmwCfHsxuMf7ZBXwi9QK8Pnhzkiw0WRzMY1rpunVU2szm2lNDEINcMTQRHxSmtFL1CuOVtXpiWNfITNiXMa8i-dqzDNns7z-twSOuhR92hMBxmDkGjy63nHPZXPU9Ujv4E3EpU0C-Szktn0jSdmNiYI0n6gSCetzAAfos7d5s1jP3OmOgMSz9EraYJf3ryg&sai=AMfl-YRcMxGg6Bkxik9qrd4Y1VyYPc6t9nU6Kw1HErATIWB55JGWpkyhLaB6AuADDHZvWCNKFxLqdrZyEFyQHDX1Kg47mC96nQAugRm-ewN2XkA52YL1ddMH62rb_Fk9BSsSfpZBhHmpBSy-xYa4Xma2iSYGfTaM0k5ElBI-zETpi0S5BGwKrsmkWkZ9DLWDzOiihZyRNnHg1XNxsYccN9khs5u3nNHYonklISJtcKBVqD4N7cKmGWvqi9cP92OqIewPwzW6HRBDCJl05D0BsPCs7fQjSDe_dbL1YTlu3zH_2AU1MSZAwNOqxV-AzLIaRDbMMM93xtnW1F6i0YJ7Kp6PCG6NXKNHYVuzYwTRKw8yiuhvICs7qVZIXhQbp_SmYH00jIniJwUs&sig=Cg0ArKJSzGZpDPpsUtPTEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210211.29914&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Feb 2021 17:50:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7489 41 KB
15 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7489 42 B
173 B 65ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0dBN03E2vXYdnZKWACYt1LVsYBNQ8tDuDafRC-6xdAOsNIXbQWaUFnFSe7mE8atjBfMZUNG_mTwv5e3w0C9uehA2cxp0d0HSeT4BnN2yeFJNmOYk

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 7489 3 KB
2 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7489 107 KB
33 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 7489 14 KB
6 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 200 7968090554125081705
s0.2mdn.net/simgad/ Frame 7489 19 KB
19 KB 42ms
25ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7968090554125081705

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4120d98bdd02303d387b5869560b10a661da21a8a0fc1ae0c1ca7501826a9475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 08:58:59 GMT
x-content-type-options: nosniff
age: 550290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19344
x-xss-protection: 0
last-modified: Fri, 20 Nov 2020 12:26:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 08:58:59 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B909 510 B
518 B 50ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1; expires=Sat, 12-Mar-2022 17:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 7968090554125081705
s0.2mdn.net/simgad/ Frame 4F4B 19 KB
19 KB 31ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7968090554125081705

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4120d98bdd02303d387b5869560b10a661da21a8a0fc1ae0c1ca7501826a9475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 08:58:59 GMT
x-content-type-options: nosniff
age: 550290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19344
x-xss-protection: 0
last-modified: Fri, 20 Nov 2020 12:26:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 08:58:59 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 4F4B 18 KB
7 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:00 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 4F4B 5 KB
2 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 16:46:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F4B 0
730 B 113ms
66ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssC1MOXYbheLYc1a3vJcqTPbadnZicR_8aaSApX_pOXxlyih0ZuUbTBASn7WO59yImR1y3yxxJ3CoHhjsi1nnDTMjCprcxEpO2r6zHkfQOuH4wBq7M26snXRnC5kk2hsxepruW4-Z1nZTQ_aqxpvBKFiYzueT6GM2_DNSJNmAvTyoG1OiRFOaZNqOMpGcKxNdi4qXzMpUwzTjf3uVcn57EgcgrnT9_M2yhWYyW8S7T2oFtg5ObsyMZO1upDauKx4-tlXF3Lxq4F7_qFmS-0bIAnWcthYU2t0OqvFAEp1-Pb_Bzf119YfohLpELHVV8qmgW1gXCq6_GofOEFqThzq2SGIFfrEL-ey8ANmgh9CISVHgXM0lcJBoi8saf_km_pqfBCiuG7S1m9puYfYUH2mtO5Ghq5LCuyghG44vc8KnX2qA7iXchnqSEmfaRJXrLxDWnflgcvHYWtPlQLtSF-MdDUsr7Mh_V1Z2WChAu2wIlT17hwX8_0Bt6DBNK0cw48ZKnsBYwcnbsAmo6vGmbjsFsxA8nFzkKpj0WTpSUklOsXcMGdNJYP65umQtdXIqgMRUbn5pvixuTQ-CvWP8rCpdQZsyJI9S1FX1DAhyGGcSLMybc33RNbfto8Lv1rXLCBjvqmRY2ViBLjJ7C8SWKDdH-DVve49JxoY22wCyz_3CBRXkeBh6NaP5ut7QksSI9052YJqLFTGT1O2-0P9gzCmut0Sya4zVvopgHP3boJ95O6DtriLQVnAei-i6JzkQJELDnad1jzVJ_2x8KEKZDLh_c_zgyy1jBPaeHc3lII79QVYKHqodnAd2gp8ZXGIRpo_dGAQaN1EDMJtu57uyA5fjUFUd3EBSWhFFvEnJannthU3zgfmxgYeVi6aw3-8pUPet-rI3eBjmeCpL28i-v5wGcvmxs-UEGfCqUa17JRnefHDhlwO9TRnAbW0IL4PD1577CQEERrzNW8_oJurdRv3E0AniYLMRiZFmXsdAtgrtrYRvuFi2A66hZEt_8yNIrCvQ-XP2B7A2uoZGzfeahicqj5nd_1kkspPcShc_UGqzLcchWnpK_BU4YKr-PvIC1PeBCqVrQI-b-yJMrUm9nlldz9DyjISqhvbsfMZtmDQwmEWDb2wc_hN8f2SsIyb4Gw7FS8IcqN-zfuWZCLQWA&sai=AMfl-YSPJLH-FNsUOtwJDtZnoawWxnzt1V5bunr9yPcl4ORpuJUEFrd_toFtx9HOC4JuHV2YVQnW6IgF_o12jiu_qoi3J8T4wd3yec4xOL-3W-d264mtu6s7vj33CBPrc14NNoO3Slx4fUmeR1MjLLgbQiwQhFlY3BSSr_QB25Vw6QYK2nbqFWh5aQLDdjdUVTlqWzpGrcju0L4b0SzuqaujzsmjrvA9WVLokOCCxYcG6uEjUqLJItsLWs83HiraGS1Hwfixom8_1ukZrHh2_H9dudQZewFt3hrDKywnTOjihwFaThS5NtT_rwC3YrBlVyUy4IXqY4jWu-gMxNWroHgws0H2WKyVw9fIyMEK5pcdsExLS1699ziWPdlNLdnJM79w5cmGIti7&sig=Cg0ArKJSzCOIGT_NiXg5EAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20210211.34856&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Feb 2021 17:50:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F4B 41 KB
15 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F4B 42 B
107 B 51ms
38ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXkGQFXj6-FuquFnqLWxqlBUxcdaRZdCiph7dmEsT7lLwCBw8b8cG1z7eZ0s9O3Y0GPWIzuybWbO-XYuPh3Vf3oU46EQRUKht-gnOAWsCfyLgq_qQ

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 4F4B 3 KB
2 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F4B 107 KB
33 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 4F4B 14 KB
6 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 600A 510 B
1 KB 36ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkpibFqYUWOL87McdDgl-tuPf6vG3Ud1Z078IRRlLCJRZp3b5V7uGaaXyWX; expires=Sat, 12-Mar-2022 17:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 40E2 18 KB
7 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:00 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 40E2 5 KB
2 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 16:46:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 40E2 0
56 B 103ms
68ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxjbFzETin-wIZNwLeRGvdHBFzqz9Loia51sLDZHkhFqaiHkzONPZzPkkS0So_dbfkYuI6JlrX2KZ7v7Aohqj8tIBQplcuj5dM9_BRom5gXI27K-PyYmL__hWy52HflJ9R4qFplg2N35axh7NpXVapi2IQg2aVgOovEcK-_wGzPLq7uoJbxaqmD8Ejko-nkqqIpebOrvsv9w2Qaz6LHwLP2uwLEmuNCp1xfEJI1bepWFPtSoXpYdhDVnrz_ratFEbafhqOJaW5uALlSEV1oVKsULsLao4qgH6SkVfZTzvF9iIUw_JG_uOXFaV5MiVl2qGPoqO9HmN8Y5sngmrUO9Ah5s70OE-a8WH2sNcnSr9iv6fs9IzCIMfbDO3mFgEbjglb_Si_uD7_z0e_g_rdNmxqvwtT470N9jSqUNxtB9Qhw4aPastuEbkKYWr4fATbVc1Lys3WhlwKGEzWTHyNy7iOuW92OAuC0EHXMLvcOrD_dvdik4_asBuxysTeRcZeqc-7YesDZvyBa28K1cFRrGL9e5s9k3VpWbStXRyz0katvj1U65FIH3rlrygIA3W44txLyVYnh2WNTidoF0rLwTB1Xsvdv1UktTrcCyEBR-273ldqhDXi7ld-69oqbkEc5z85-LA1lAlDIbTDhMzLUoLFIa1qkTys6n7OfAsfJBiBgQ3TUgsGEg3KNioMkQa_EOZi-otPLP9iMp9fnFQVaj25GFR6tC-pHAw1iAud1NTsJ6wXd6_KEVWo9od5SGeFIeoL7COT-PSMCI4-GViep19Eukw3GgF7yQNeO9LjD5bXlcvg3T6KVAVr4fwmCsUp8Js16IGV5dsosOI16wFVSeTBrzcAI1A8xXlyWNIeS4_DB7CxK0wamGtve5tUQIBLqpgcaGogDXKC7sLbq0IMJgUOLyEIdQWtNC9TnBfe4iwzQ4neOgviNlZvYszyiSPzrjgs7I4tJ31DQVuPrEJ25D7YhwLd1kPgSDsmq5almH72LkhwyRBbCOof_3eKTOrU4mVY1WXu-0QQiy-_Mb380xqneO1OOZe8ZI6oWYi1xLjFbmeDhw0DelCQNPCdf4_Ltl2J28lcdyFPAwyszYHCUG49bqGNjnIyYmsXZACYDajC45U9b5KrPcRDQyPWBAFSJcFq05RUA14PFt_X1qZJQIo1&sai=AMfl-YRI93XMl8pXOlHpxHyJbR_4_WrDkMXEzKmAemJ6C-ze53uuOp8jWSFZm3K-k_BRuH87kaGx28s9qw0-NddOpz_RXOsN2hCU6_3gp3aB9VnSqu0e9S_tEykzC_lqkm2-vVNt6VHJA5H7gku1PKGjaKZPYQU5WVapkuJZ4fU_BD9JHq3pNGSlCS4lbxPq6aweVyuoECbEDo98Ok1EGkqPzgMtHos-xJhpP30iJBA5AGyPy6Dlj-nDYjIxY1e1qs_VRBBE6j0g4uDI5St8dEew_-saeq0rKMxk2jkXQoL5nJarjO-AGhNT_aiIWWpu_X_Pj-Fj-p00nt2ltf7nAeSuwNL7FXsSTA57qwRsuKs_oWkRtYUBL6pvYf-0NBmkze8wsKNdCx2q&sig=Cg0ArKJSzCTgeDYPp64IEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210211.32493&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Feb 2021 17:50:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 40E2 41 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E2 42 B
107 B 41ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXQ2j5X43w8TgMl2eGWQKLFuj_Y3SNGOG-Myw8Zl3RgK9eW84omtvS8GOqKp3nuZYMbSxV5stO4rBDgEKZ7x5HE4Em7vR5l1_V6LIulobTa3k4WXM

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 40E2 3 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40E2 107 KB
33 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 40E2 14 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 40E2 0
0 23ms
22ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQG4wTj96pJzwb9t-CniJkBrKFVHEHj11L-bReYY3NpbM3S5ZD-3rlFMSIfK2Upk0NMIoTO
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 17533878309764033167
s0.2mdn.net/simgad/ Frame 40E2 16 KB
16 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17533878309764033167

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64c9148829e9919ccefb53d2bf70db17c7566b53f8daa05abb35b3d06a633800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:33:54 GMT
x-content-type-options: nosniff
age: 414995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15934
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 10:21:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 22:33:54 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F4B 0
223 B 43ms
42ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 40E2 0
22 B 43ms
42ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7489 0
22 B 44ms
43ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7489 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13322430228da8f3fdafb63d4930e4daca96f3eed9531b6b34d29f73875d1248

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4F4B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9930ca0b4f506945202556e1c0fe27bf63a3672223d25ece7012241504d7f5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A73D 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10903
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F3B 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10903
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5259 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10903
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 40E2 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ca2343e287df31a4fccca56313ecbd94d8d4b515f6954d8e4694ff3d7a4f30e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9112 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B54 0
0 60ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumqnvez4DyBBPpJSHDHoz7ttbyCftrAqKhW6VsjwdlQla7rNK8VGIObKwU61GMmWxmQa5w7OHVV6ZOFSrYYR6ca-eyUgxtdagSLU67r9WA7mBGIHNAlagv-lZOloP56_rAE723HAG8vzEIPylPA5ozDlfVehPTgR5RatMwbWrhsK-DLFatH4RbrVnjmJnlrtz4rkIN42cRkHuk5tZnbtAZflOnKkvl6lQfVyj3jDOkrferSQg-2VTQmFKNURnsPrdjGxxJRKbvbar2Tl25IsvlbZZMq97Nu2lKVItnr-ljWEsxmQFAQkurKAnpbnJQ8QV7qZB3AiGXEaM28XFdKxv9ovcBpmg&sai=AMfl-YSsKB5Btsm97-Co82-lOjPVp2jyJQyY6qN-BKAe7qOv3oE-Ol_SOCqqmDShsqS5IvNXkaUl-3VoBQFWYvNoc64nvmzi_sixT8fHfLrLyzGWBRG78B-Y625_aLOCvJQu&sig=Cg0ArKJSzNhKOR68R9HBEAE&urlfix=1&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B54 107 KB
33 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 486ms
485ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1962937288070972&correlator=1977494051205103&output=ldjh&impl=fifs&adsid=NT&eid=21068773%2C21068891%2C31060146&vrg=2021021001&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210215&iu_parts=424536528%2C1270588_tinthethao.com.vn_300x250_AdX&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&prev_scp=geniee-upr%3Dprod&eri=1&cust_params=Topic_ID%3D%26Page%3DHomepage&cookie=ID%3De87848497c1e141a-221e5aaf78ba0026%3AT%3D1613411428%3AS%3DALNI_Mbe4-DCL-onmh0BSX1Kn-XdpUCZgg&bc=31&abxe=1&lmt=1613411429&dt=1613411429445&dlt=1613411426521&idt=1676&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=121&adks=1378114590&ucis=d&ifi=13&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=686921060.1613411428&ga_sid=1613411428&ga_hid=77605875&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

59dd470a8b8294ef5cce727f165283cc87a7adceb912ea0be74ff32ac931e583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8556
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 600A 170 B
232 B 38ms
34ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 600A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1

43 B
894 B

44ms
44ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 17:50:29 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 600A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YCq0ZaIjSqRWhfO7Y2KxQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1

43 B
894 B

43ms
42ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJryqpcBMAE&v=APEucNXh4dxzs9YA_8mGaPANhL0Tp6dtV2SwIZIIDHrxjMo6pxIsc7kwJXXO0fWnzcVvM9fvqsBaK9SpsGQkCiC3LVbYzQlqDA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 17:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 280E 170 B
232 B 37ms
35ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 280E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1

43 B
894 B

39ms
38ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 17:50:29 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 280E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YCq0ZaIjSqRWhfO7Y2KxQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1

43 B
894 B

45ms
38ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVlYOqG7dSUWV_-ge2ob1ZlZvcrqNyMTw8oPHaVHPTmnXbNuJFemYApzWwQ7Cw9i5taIsO_Iuy7tQUptB9qc6K0s3QL1g
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 17:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B909 170 B
243 B 35ms
33ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B909
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1

43 B
894 B

37ms
36ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 17:50:29 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B909
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YCq0ZaIjSqRWhfO7Y2KxQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1

43 B
894 B

44ms
38ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBCs1o4CGJ7_-ZYBMAE&v=APEucNVy0pebbuwKxQiFVcB8IxaXQynWSdJUWBWsL9cCeQr0nbt4HiHbyHb12LrgSzyWQl2Ob1F6wrQOgapWiNEPui4l0xvWvg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 17:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMmrri2-h1NX6VRlINaEcY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
167 B 39ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1962937288070972&r=300x600&w=300&h=600&a=0

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A918 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9951 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 12B7 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E871 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9D1C 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6B54 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5815a21b92e56985d2efe5b91ffaae0872c46a9f0a328768a0f5bbf2ef22bc47

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9115 631 B
344 B 30ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1d4ea37cd015a22a5720e4e4916d54ad57a86c181eb26adeb5fb2ec4d403f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 300
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9112 23 KB
11 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8WsiOez3RYVw4gYd1JiC7-GpPZTAYqToksnw9KTppSOa0Kx7LUYv4aOc6Tt-gpHS3aXjM6vrcbOeoBf9SMNd6TGLj8ehiUwrlTH4spLzjfR6krlv67IspaT8Ck_rhXG79RemvwuJ-ERYluR0MCPyBBz0Amw&cry=1&dbm_d=AKAmf-CyUuaw0r--bM5xu0PtMOl-ilUEz3QCAFaC_UzyJ4Ds4vYQOtl24eZeJFOCv6fYr6ugjVZcsT_1BFdYOdGRancRJLZWcLn49iDPZzoginI2hbxYl5g2Tps_sanT5mbiez00_8-Q8rAN3xkskK4AATOFmBogKUIsW2WDSv4DHQWEXkkx2zX36jgCDitnEqtSP0sU9ZDvKSgbXzJMiiOH0lH6-Y5lsf-LgI9ASX3TYj-8a2dWHqh2y6OMd5ExQ26W3qPViP9J8O50i_tZPb-38wS04McbShCOC2XEUnMbqAfOvJ87R_d9muECwWvZQeGnE10MuU_QDy_E41-hf4X97jje8joo4G9erIuShg5phhWhJUy0O5fgR9lccXaAeXI-gBm7rkjszx4ckSab5lwdlELgSsS2IKGNf-z1104R-7vBJ-YQ1n8MytJxwwjkFRGf-W-qyUTsBhuAT9LDukg-diNi0m8rxMjp3yDXsw4kKuqH4Vrod9CVqA5OzlBPyfkALca0rUXk45dypzpggeeRcLW8eyTwOXaF41scpprQeHxpI8X1P4bbv4NVmQLqgb7ZR-sk33YNUAkrsMU-ahvIG-i1vA8x_SLHIvKsW57F9g2dPrKmE7YjVX27JGJ-lbU8PwZrhXg060L5UHUJAiFu7ShEP3WRugcjVAMavdS30hbjYHnYg_cj5E4u16eb8mu3AafcTQfMAfNhTRui4kpWPEACfBLofXBd06LL-Vw9FVUDR8UsG93z33Hfulg285jFPjaELmZ3MUo4mLAq125b5mcmUuXeyGmCr_-pubklUA577YU-ZkLKL8IR_h3Kc9L37UDcDD_VmArDkxL-_ib-_p9pHdnZfDcSWobSPo07eB5p3dYMm__r1mG4QiewG6Czh1B4i7WHWlZrrIq3_aHOgvHHcWvU5bsczhMg9cEYbojowTW26kqonYFkfFr3hXE5oOAWP7IQTfp1YK7bBxjlbGqACpDsMMu3NL0nd2X0QCcsrCeiJYoTv21ADss4btzmgTjj2NEtOGB44LFL9pIyh7JgD21JEXwsK72Fn9BQAlSAnxwxsRWFR9YHsPuPf2fP9zDprQgXG1igS5BLFN6DRu2yzs63LNixKyV0iuAlnXKo9juIDgTUemKS2GEYxC58xsAZay-B3tKPyitetNzdJ0mWKym6M6k68OkwDWjm7k479vLE-Dh0R0ps4RF1YbOQTmEfUOI4ar42nIZFtQwMNRIk1dGEb-lIHAR4zvuZ4NqKb1Eb3MvAGR4csBJ6cR4Tf991lVugONhhNOJN0cHbPiQpAolyg8_0xr2VfeXP7XkH60kXgKphEQ130LdginIH8IoJ-8v_fseLBGr53M0a7nBJYUvkpiS76xv6WSmf-UBBHOtScs0CiFsHu_xkPQ-4z1oVLHBQGZPjJOEmF59jto0Fyu2Za2C7R2-lg8O5fI9AXyiE2qx89LUyYK5m2Tx1BNCZun7mIod1moOWGLrnyZIlrm9Mn8KSvr5w4z4wKSfbLZrpF6DFASFHMaeDhLuIFpx9cfiZPW40B6iwlJeCZIX-Ib6Y2W-uxnL41simK7BzYy3BWZJSE-MFm_EQs2oM-Ynp4akkEl6-Pj_8i6XDrH3XwyYl4ylkBT4S3I5zfs1p4OzgKb432O03aGReRK5dBOtgAYKAGVlrZGeSstKHrZPkpySoGZYNUuX78pm46MLHZ2_d2vKJCTyFR3sHJzq3e6Fpy2PC4WhQSOx2wzKS3v6xzyAfCHcKz5edSzKKewIlyxIB5Re1dGohfaz71m2K68BqdoNEAYIX8ajD2Pry1FqdyyaOOlfDkD2JXGezPz0dhEPMyiz-utm0qH5vRrWOqhLBwNnf3ZQWqzY-Jac8odrffauQq_yTpezpJ15z8CxVy7nV37elZkGUK3Xfx3wLy8KX3iJ5A2A4vfnxnlUbgiRcImZi2BeVi9Jy3QyR9lLTk6zw1X1P3tXNZfhUrs_XM7dFLW46pmOSY3hdex-rF8pF-jQyDGsiN2VNmVJcH8FYsQIOgswyChVoIi0t31vLDHLpJ6u4spOz_UfcbZ1ZG5KVQWr2r_LyiFX45F32MpHunjYsbML2Ss1w4aoTW3eU0e9hxLZl8oY47twu9bCqz9JWOQ7hL64IAEM7S1riaIkzoW5TsEUf0WQ-Nth27e9RQCqgSa5emwm0CMfjIRnMhF8nqAH8j75j1nqm13etmgOilKAGKyvJPDFJuaHRq74SQ7SBmR-52UEPGmNJQeH2rog23DuB8c1nVKaXsUfCwunxIeFWzhDmq7aRkFsYW4hR5l_Ytyt3vClbY_IqV5GEcRPBjWRvb5u1yDdMVqauZJ2W7-U0zFfPgGJwCi9oXLVEC3iIJtDJnyOxy1-CZ9JgVsQ8qq4SHhtBYMEN0VyVb70ZGijKOezuom544myW21PkJnM3jUmzxX5wXpHFFeneLY06PtMgtzvR8HgW8z6V1Xe4lCJWhL6pq-cqeDvlzIYBzuKNg309WSev2jcmUHA_VZ8GCWCfODz00WcHz9p3FHCD_XTJNo7SqqCDnBqqI7RC5DgY4eCxZVHUVxhzGd5_mDVlT9zC1kWbvBqLH_a586UC-ZqR8cjlgdIk4U_cQtLzuJam2F7E9KIkC4dySMk7dphjfvkSF_q7i_kyoCBfS1YdsF4WrqvljJCQ6-U9AaZdOKMbDMv4OKpOr_3_WBFXu0LkIgMRXmL1gY2DpqNYzY4EGZnHfeD6efVlpOoR6rlEP27FlbA-9DH29HJ36PWVwhfeA0DSWg3OGBLrmk0-nisJLoywznvQ7iF-iuyr_zvMcz2VACOZDHRS0-fiPmJ2Aa1lZqtQTAms0gQkGZteCQdnX6aXvjWomYTKZGipTyZxEFaKV8TwqHsnBqOlG6H2m6haVybweNc-kSxHJL_p_HLvWnBl55kdbuOAPIvjRU9-KWdqfVOdjLEbbHKPUNNxBc1AXqyr0AhaKHhepPDHYV_MW4MxygRCQlYnOw7h_ItO6rD_VXteCs90SmuZJ8e6GlPVcnVCj_4VMz5Y3n_GyorlKlUs--udH7l_ajvKdSisvLNtc4lK0pFddCovCzPNoaBu5oIvHKLi6KbEanLWbNFQ_DSWERiiAW-3lYepIVjfeWoEB3NzSryJaMrGih0LDySvWV1sFUZCd9NgaOEOYh0NMmXyVV5NDmJEo12GCvxzG02CNadqbjFl-5AYasDW4xuUQljqR9JYdowNfPV2hJkqeeDfYw5BDK6E2LMszLsZXEiqtAi7Ozd_VQai4LuHF6BTvTJQFlacbwCqnUbVBzhysqX3LI5aQJ6aaAlEMjsiMqCEKQ4jUkEnyBDYjJ0lDCVha7yhCpfCd4-Cu6aOcD7w9aH7DOt8Y8-IdqL4fAv3XDkXNy7NFE175E1pgMQLXm9uKI-DiQ&cid=CAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b7b7b97bbd15571ec3f846c06cb6e92942cb43e7ffb7bbb91c0c5847b247daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11595
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9112 42 B
68 B 44ms
43ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dv7i5V6_3dNbDdlP5iOkp7l9zStXCIx0N877jwfLUOBReANS69c3b_-GhkT47mSHQsG7YHitEKNFpBDnX5j-L2XbnAYqpzqOOnUDgnw7LZh6ns25k

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 9112 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9112 107 KB
33 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 9112 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9112 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC__gaM-a1X1m9g7UoD_AEFZybrHGoTlsazLa6k7Y8UJX_A1ewx1vVsypfM8FI64vu1_hr
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B54 0
0 111ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswrhqwxOjrVBPj7cRzYRSdd4auacglAXW9zd_Mm_jQ6Ya5GDXew_WmQ2wBC04dS4a12sTAH4v-i0s3xx5jy9QfjxbaoNp9bgul_x-zH8GzxfrrPUlDGch-SjZasbpbMAa3ceXh1z-06-FcU5-y_R0sCQceJbzZwQXvuJFiUU4NQGogsJ3xFZrPII_tfhVzO6oTPfkAdh332FHKTSHRB3BnQ4rmBuR6Z38RSlnFPA3CH6eHvUt_ZC3Gxu4rdT65vDZJZlrnT7eiePWKObsMiq1dI6FWuVlNbMMzW_-6xnKnD2iESBG3hJlPyM3ASlhny7nMtcqTqeE-c06wqUMvJWl2LnBmnzNNlA&sai=AMfl-YSzNru9aNOpoRK_FsA3vBdzJerd2AkCIxQUDdVVBQYSWGdzNi2yCbGrVu65JO4LbgODZn5zwz-ANBG9PGmksM0A4gpRPERWLLaVy6PkvItha5N6ql9MzbScFL0hG1YE&sig=Cg0ArKJSzI6LcwFiUDKGEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74FE 461 B
254 B 33ms
32ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602f26bc03eea2889b014f131aa0bdb409a6f87a86fc1be2c0df4142271fbe8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 229
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame A918 111 KB
39 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 08:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33133
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Feb 2021 08:38:16 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame A918 5 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 16:46:29 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame A918 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A918 42 B
65 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Av4kxRZ4y-9hvd7D3hCdbS5XWo0NqOMQlD27NinFGDl86P4UtZqcmigLMLS87uFFYrDswXSvOZzs5TYn4kkJ85j1Ez_q-agYU5P6ENZKNxTUBly8Q

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame A918 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A918 107 KB
33 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame A918 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 55D8 509 B
342 B 33ms
32ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab2f3a14a5af06c512df3aae49da2e7242eb47ac26a77a93d34b0dec824307d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 316
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9951 23 KB
11 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJp9wDUVFmBqEe2Ofmvg20OEhkKt5TscSynedpQrzIQfxjYkBAbDySppKqKRj96AyjWt7IKntoGvE55dVNLCh3drQgrFjPy-gWTm-nIoWHnKOf8yEjYFEuEEpVoV2uIx5H33utJRAFPKh1yikLneuSNHC3_w&cry=1&dbm_d=AKAmf-CtZn2pbt0iw4dQdH1b6d388VDJZVAl57ZARt3AmSUvXldQVDbmoSBEDlUWQFjjvkXVf3LWXXxmSutwFpb6DsEcjYfySAq3oOnXuuoypQSKMtn4JVmotvhbQaVRg0qzYmymS5xERSs-fKiEmF5uhjucImLlDMvagE2b9O0ZaUAkU4kY37JYP8vS3_gud_Q8a2ybdqVb1Jeve74RPw5oAqUo52YTYr8hEQ9n6w67lKR9rWZE_GllwGxPNwnx295beR2SohxQNKBjxvrdrbNJe5bUk0X-SJSMqbm8qT4P5hzPRP6jW-0O9QDqd3Yv1IC0htQ4eM3kKVYwZV-cPvc4IGu86JvfC1HGG4yipm-JO8KoQXUwu6b9uHAbvzAW8MtrQ5_ZsaDc0DBKLFMREjA2GsC6X38FGF3hmK_dcmM-4MUl47JdWxQjzCcc7Mzstdxf8w9tbJobHUctrRCPPsfhdGfdG6YIHwNBW-Sv8pyY-QNk8JnHOjCaqYMKXRg23A1FnQ112091eoY0IygvlH1WiENZAfPPM5X5yYIHg2nQK4v2cDPGhXlE3R_YrHfVvGSObDmdKR9XQZmapeXw6FvtijjgL761EPYVgPEtYivJpAp5SRgGEh7P1KuEirlhtHOQpm7Rmecn_2YwbPiOaiAOOE_AvfCamLG1NGrfHixjR5aMxAJPKzxFossvNJbjckItl9dmG8CwdLsni_esbWkuvuU-K-kcYqacWUkgzBFHIN29Ohf8LuGmbMYqTEWGMeBV4jiEIOecWQ670S3RFtxdS-Gom2R0fetDNpKMxAAtQr6IwDYquFGD-jkdE6GeMP03je1pag26M8mCJnVgNFT0fQpQTnsPooar47TzfxrJVeaLyO7KOOdP28eU5Gopf1w3l8ptzLDswkfaKf8w3nY8oDnXwHZTF7ehV-fq7pqaSC3Z3KSkanL6Yvl0ReAob2aZRGEb3L1huCSFqShQ3thH5cvejEP2cPgcQpwmPyastxCT9A-cbhzxh86JpOkZZQnGrqodOWY9ttbA_TUr36kQByYOOU92FehMjDWl2rQsW5sGtHZGvfoM35ROhN6eV9LezHkbuQ32Qo7uqMUJ6DtFB6RlbIVX7y0RqT7cidApkJepl97SO8hX1b0t8gQKpThhVvKwoRahmCiMPsIZeYcO1AnzcJWPdzvipU9CADWspKQlBmEyf2tfVtEZWPI4KN5IAtoQkDkZpxtfKuN1Z3VuJggWJ7zR4FC-q7NVS4sBxEtdEnLq-RYa4YO87QkyTCC9InEj2tZ8Lv9_g2wmbSajb2Qint4XJW35t3l4b7u62-MxWVXEfPQXdS_gbPM-gt55qUgoIqQUKLUFbjtNJ1RYtLg3N23-6ucdl4JeliPJ31yl_wYQhJHk_iHaUQiyDTJLVv3h-cZQSGFGbtJA2tyZdLSdZm6zHC8g7KgP_9KZe6-I1joD5Wp9XOVf9D5RTfHJVmUsOkAupkDXEc-X_PYICG2uHFw3J4POAOnVwIUzIixylpBno5BE72nunIOwsGToVwuas1oxEqjtBuR_Tz4LDpq_Vq4T_6qQkyEoCvVPr75IMxYLU-IqyXS3ortvlMxP2bDlAkqTbcI58yX-fDEY0j_RR0tqxfKICS-bsbm8qttdm0HrdJlM4OrMnFpqUeosB-qI5R4apD8wFPy0Rt1279bGwc7S_UzcUUteMeORVOXDLGdlcw3GA_KWqeKRu9DbI_rK7L8gysQr3mQKZXqfgDKspnBUPLacORSVZhndh5TrYNoTJ3vt6DiM8DRcknBe6c7tj_KpAHT1TIfVr6Nc-_MGSBUY3tv7qUays2HwxACh9B2y3Je-3JNl013vE22HKLWwqkkZimVvSCssapHJ5Mb-V02uXE3mjD9zu4Ht74bJFSHCtChv7Cu0AdWlhQftgBlR9y1_qN2YOhAO5AnjEuJmwWDN1W84Ji5VqbYP0mLD_AJzyoqepk14tn8PpNcX-yMWy02iig1Z8HeXIe4ITObaMPKTGCgUbF9BwUFKgTI96q8WOzbEqNrVe7l4fzWRvjAfbZp3nzsXhUNhHuFdxJx_no4S2yFV8FWaEGC7Le_f8beO33DLWMb7ElKy_7DtwX1CDg9UfczMjkdqXlc8VG0mzHX7dVlR4Bf7HKfspw_mfRj0S-UWG9bq8ZVIPZ963we7_8UqLY9Wd80j5eC1-nC61PR-LccHLUDN8w95uQet8xSoy0BltWiwrRNkI2L3yNwFqGuly-bFJhd-cTPahBsE7deWhohEaFv2KN5qkRI78PHMdbDk1vJFq39hOAsozeAmpwCMCsJe4WG4aOYBpnlL2E_azBjHOLR6mgeYAhQtjk2K_0z-fRuRyNtyhr-bukHuFphjbFekpTSJ-Q1NFum8TEKJGMgs2oiqbv7nNK9tt5VzSGj1kD37xjhPl0jNEdqVh8RJVzlAwQ9qhGs2rsn7lYK1Mfe88-o1PYehr3kH7qkgvi2NFDAN8OZ8MkkEFyMdTF9iYt0OKec_NDmPkovb24x96tkcS6gpcx2FVg_n7QIsKbap37kDkssfxXyDjSlXHK3dcM1L3oLmRJXXRuLGDawKMCsq8SmUsA_qpaugMLFjC1Mqa8UWVkMkKf5GZjsxZeJkXVdMG1t3eWKECrDPevebPjfVjqadAU-BmoBuoM92t1tJMTPBgdXIpIe7M3ek2oXR-NOBA2OMRyIMt2QSGdcJU-HR-MsnHYQmJAGSCvg4Pl1sKO0nefqeBwMp_8W3XKw72JKgh0EFJbah-AxjZSKnA7nP8EPDzkUri3Is9ZFcStUxmP3I_KR10VpbsG68x98zbrvssUJMALWapd2BrOHx8xz9Y50IELYkvBPzhOX-Gvj_OukCkLvlfb2-1WT9o-wtS9ll1Uj1TlPPSGAelvO6Bais970HIDqrobZOJfNAlekrNIOrzqDi1Io826ZIBkiE7sIq73C01tzFruyg9lZ3Jla4vUcIu1gwDJ10Q2dU7IbJ9L7bTvWtiIM6GaaIVzPXO3tqSKhAIOcQJrnQigPY3Sc_UXCeoEvHyEpDJV2Nut6_YqCv-one5WFzHu_kjuYcX1FK1h2rMHJi_BIexV6Uf7IjA4VC4uVTj_Qbv5yzqQlTWmLthCueuUqYeGjHt_g1jMp1tNeTFOaqEv7bKe2lOPTWmVWpQAT9cCXsWFekKIhqGKh6068jyAnYLkWtV3IT91_ibnrNHD11E9LGLDQGp7D06bgPZqk6VV_8m2xLCqSUFwXPBVnsoXSFwZPLUuZNuxrL6GSuikZ4EKjRjco-75oWZQKAx6dOX0YdtbatiN8sJUIhV3pOcpegB0klVFbUoXTK4K1y3op1O4euM2dvqZY11QWvvyayQmLPvPmnBRyps6skfGOIxcIfdh1ttdKWpXy3RMpmuIbrfXMALzoYJwA2diDbZstfkdi8HABX4DY&cid=CAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a5df63d2e9daa0b0bda394916c07cf97115ad1384db756d96d7d49096ab49c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9951 42 B
65 B 42ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRVNQupcyPv3EHYnSxFA-DZ-DMr2JM5kvFSj7s2rAGfl1YxEFhsr4_hmRer-UC0quNarRgRbSa1JgW4vQ67MFiCmKZN5BX-skE_R9zfuqcrdU047Y

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 9951 3 KB
2 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9951 107 KB
33 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 9951 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9951 0
0 20ms
17ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9EKsOnqPP2HEoN_umRd8w_2QEJgafXymh6zGXAeyeKKg3wTrUI1-RLAmoKbwHoFCZMORt
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 49CA 509 B
338 B 32ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab2f3a14a5af06c512df3aae49da2e7242eb47ac26a77a93d34b0dec824307d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 316
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 12B7 111 KB
38 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 08:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33133
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Feb 2021 08:38:16 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 12B7 5 KB
2 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 16:46:29 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 12B7 18 KB
7 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12B7 42 B
65 B 55ms
45ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSbaHZlytwEG3QmVVU5av8Kr6Fu4mA7ufhJs-SshtnwkI2P3NCeaOpG1ghBS7Pp4k3m7AvkshPLJ9BWJnhZlSVlLpMQ0rLqpJYUN3wZEMxODobklo

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 12B7 3 KB
2 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12B7 107 KB
33 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 12B7 14 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 20FA 373 B
234 B 32ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

546227e8e1db78d6026dfc3d342917673164ae94859086b43f8866257ecdcef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 209
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E871 23 KB
11 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcPExiAdRFTAxRYuuZC9ptPGc8bSWJyeKHcdf77hO6UpvF_gEhAuIxo4uXZRjp1g2E_ZmJpCeTGeGpcXTfQb5MAWcyJJMVDuxtzt_EbxTBzYPKi3LBNNMU3t5cUX0dUpdLnR7HBC08q7A5v-FSJspLi47lIw&cry=1&dbm_d=AKAmf-Ce7cRdCidGrA7y1QePffZnmn5s9Ou313A63v909wJz0H8_jIwY_WY_M-P92CEV5gKXqpwU909shJ5uhV59bO-nzJuSlI6KOqRMae_eFSpL4k_jto0y9m9vrR8f-6Muo0dFhRpR7z7mn3Ifb4m0vCw72HeBUwMVqLh8M-J6HGK2qnXtgPtz6HSGXqd7nvYf1P5cgp_dfedPiRCNHEBIUGJxkWC2_Nzh4sgqYJOZi1yNAyOuCyAMmmBHqeb29MRXkE3wC8veEsPAK8ps8f-pFIEj_JYq1kWWq6vVIH6RHegX5l-EH3tnB0ymVnNggkw6MAHiBl7s6hbMx-grlLysdOV6-HEkt4fv-3gchd2XbIYaPFFrrDIhR4pqXyZjdWsu0HY0a3lH70yfidNySZWQYgo0JblnFiohD7kF4DAnJdMcHEbpLSxkmt3qh5tf6UNirmrdDwZ3lXN2BpkLtwctZtMR2Dl_cspexsc-ybnN21nbVznGh2nxSXx6o6UZHEqDVmWNyvARLJomQY5uqqLdfMo7jpNLOH0C0Zf0I0GPH32-uXqd1PoOM44KlfeWDucgXoYI0bKQKut1_9ADq35b7glUd4Qyt6LJfCf_6deFo49_GRYTQm2rutFBGXRA69g8CToyZNxgddnsUOia2xzL23609BCJ3skV-S9n0NipUVxRQf4_41HU82v0hJ_u8X7f9ho_mgvAbQ43SKcTnFZKlIuJ-ZG0qw-It7qjLmJvZQByWQRKbEaXvuGmZCVa0NsAhORLf_EtDj9dnjo2HOZeX3jrzo34xRj0qi2zGRUrEQc2uhZIheqz3ZJuoTtc9d6Hsghzyoo4IYr703hFSl-S_N2-xen3AqEbA51PDOm6i0fNRdyiqMxpbDC375tAtD-KGq5SyoPQRJhAMBi4cGRLrtLHgFTc9scdNQC8lXsAPs3XR-kenT0_tGLRnRvgh15vBEO8fuVHhjDsj1G-0papQ3M9aY35jfNnvKfOLTDNksCtaYLwiz9HQ654wl-2qiHViEPcUfG4o-IyXdA8oY7ox8rb63zFoaApooGdFjlENi-wGvn8_Y88mna02rvqMc9O8r3YTtZFsb3YpCDJSSStTSxRjI4gmPael_yi0B2Ln3kyAOh-9W9tJnqnpjfw4bnGzBZ_NunUEDuFsdURWmvCIxkIokwPfpZMCFpVNdSOfxZRfES70VjSVD_OQggK0PxiOa8t2tuO1Wcwv5a9jf4HBmdqDdsQ9PVYPa5f_TV-Rzi6vIPWZ_Tsi4glQIokoekc7JiARVNNc03XVRPJYBYKo_A4DdY0vfbKgmPhryCeK7SJroqh77aqR4BuDyXmLDdRDD2ZXrmvwhGEwhoP9PEOZYIKihYodcfW8H8ZIzU4qeeYggZrvXT1M3ZmJgrQHGi13UrZHWTkv5vznXskkLkwXqhQrjvQYa_UXpRwvSQP987nj1T7SyX72Dxj3t8wPF-Hvcr6DN4lYLFTNyRnSBFWvlhcrKWOyDCvYkPEnTcUVTMjQRtDm9KLG4g5CbUY3F21xqJ_jhiAlEND5WQMoMUZWsVtfcNK1UH_KcOTVHTtZQHwbTPvAgW3nuHmKYxb0-lA3fbSzHMwtftD-Rj3r3Ji4I2QB9dKYEO2T0Cd7p_u9k8ZW5AKTL6VW0CHPnQvHOYyphm_IVS5cgQFabON1V-HytyAJSfKLHaTV3DmzidN4bIbjEdPUiL18bJYkVUc6GFG76SKaCC1a_o-izcJ43D8bsd4iT48VplNHempEgWtxTWZZZHxgXN2QgasPYy0WfKbLaDKqhLmqR2OsSi1aGAuAf-nDlxo5J1NPIwrnFXLPnWMTaGT65PODUrDqbDdimjbf8uXprIpBjsAm6kcjmhDyAGDU7Ra6nmIxdMNS0Y21PGTxY7p6VduzYYWFXG8T-g-4ZHAnG6n9DeN85dNKNlY3mIBdWKYrIJwOK_oSyQ39C_BNtsS56BB1XpUdnhlhSK62BBs2jhct4UwfmEZJ0OBeoneSwNs4OQTL7SoMJs9wfcuIRAjCD7b7O17PinWarjt45qP_YV0ih7oSHuNCTfF7afPxVydtzKaaSuEw-XjyisdIg6kzuqjxifB88uKnvCfZPodezLWa79dsDJsWHhpY6_1L4gsBDNqlf-g91zi1X7QXDc3V03ARo2VrWjUzTxU7h9H589ZeZqwRrWCfSw40yE90AvVhNubLUuTF-ixpGFxNQXU7LoL6QK5myji-ztsv2_7NH_-rrnGhcW2IHgMbbOHGKZ1Vl7Av9uLYojeNg9HDZBUt0MrT47kBFKmMSKEYogP9P-b9bNNOiXouUHw_wl1tbdXVKP6lH5JJoHzRn8R6lUCAcXf9F8qq8woboir8Sdnr7yv9ppEVtrdMj121iFrCjxuwbvM5Oi2J5de9nKFOfNPIIYgpZm3tcpEJFZDhZ9MxX6beEv70qLpLYYHU3wGJsbQTc9chDrw1_U6hT9bZLKac_jgwuZaoj6rYxaO8DSFD8yf9kTQKBm6S2-6Kg160aPPWyVJEM72ixHOelUi4aw0Oe7eAUTFDDkRREO_yvPmb-CHgyiG6MspCOyJD_9cmNE_xsvUCm96Ffjef2dKL4wEb4MgBTQvEt3Xj3jmLrsBcxJLIh-fNG0ll1xguzEtmuItaojisBiDjLlDaKZTNebMCtsRcey6cD9HjHdwK91gG2CVApvb44_oQEukfHKnF8UBg5yEWwmXLmFZWGiSdiWRpJtwpxb_yLw1GHrl3ivoTZTW6h-4iPAvcn2KTG6ixju3eRLWdRxI6Dl1mZGHymvQryxydpsYr6PU-fO7KLILTFk0usM756qAmiJLvp3fnpwqvJwnKG7zejvPKFjy8Qxm7k9sdSlVHESc2QNNkx5T-Bv4yP6yMesZ4mCewmf7-9GMyiUY-VjjmYZWvdxcji8NsxlPvfT9cmLizPe1-XuRzL01B918odJ_FjUw7XNXw_uPXB7m2KVToOG_RVpqso2t0WnEtOd5-UjjkRQiCH4ZirqoTfgmm6618ONZre9zyvcV1nSQBcAvNuzN-eaY-b4Ms1__ed-X8dWu3Jk5m8LFI0f1t7P5w1idtK4M9L9yifQBvcoabdaXPXYMuGWX-F09dkKw9L6EWOwH4NNZdYhlCiol3Cf8BHpnsHA0jfzjDLOcF406sZzxErG2e_DRkbz1GBef8zGs2zralvIznBxNPbSi1_sJq8gfn3PaiuaHu1Xm4tKym5Gd_D-L6RD_sHJ7ZyqrVu1QdfOV6KGk1wmA5viK4PjD94tRPZwKlfkYHoh3Cfh2ra80ecDwYGbo3okux5xdXkcMkg9LnSkG3ofNGXg3KhimF0GqSsIy70GyHZnxKlZ0aapJR0rScUkXKGEMuXQzyXkOmhU9VcmCpNq6ZOTP2Dmo4pQRN8lkelbtXd8ILlyvaHtcBZJ9fLQuror2ofw&cid=CAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c326c3af608f018d6583557fdfc222fed2eaf60456724a4a0900f49ef1e1d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11560
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E871 42 B
65 B 52ms
44ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWi_YCZYmAmFFI-2chCW4zGXipH71fiH5y_Pi_e2eO35kcKRnDSX7efHrWiMd40_BH1DxGtPqlWKhlOvhp4tWcrBxbWAZkCVyeZ_FWAby9lztcBC4

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame E871 3 KB
2 KB 19ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E871 107 KB
33 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame E871 14 KB
6 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3D97 619 B
330 B 70ms
61ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82882638e334246917a373ad0ae7673f26b9476572b95c1b0773f4d8bba4288a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Feb 2021 17:50:29 GMT
server: cafe
cache-control: private
content-length: 304
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9D1C 23 KB
12 KB 71ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUpkkx92v-qZdnPSyA70monSZTeBj2Yk2We9swtmg4_LiDxmkzeYEPwIe7qL55FeceT16W0qFZw_WKDuqz9uN7q9Tuh3HcAIGewX2zKA71Nbvof0NTzsdxMTJAP4-acfeonDrHJ5O8S7yFlgE_NMPeNp1lDw&cry=1&dbm_d=AKAmf-A-n8yvcAoyVLmOPwUlJPcakcJZY9xrLr6cmQsF0d2_ktAWil2liRJF1SGbjXdMJkgCvaDtBUJgi6bEHusv9JCgt8wdA9WFK3j_EVdTw90p3kons4B79zkydwsq6MioR0Z_v3yFrYsCHOTNshDkFn4N9Nm8mTce8E_8QfDRBzhF6Avwb_ZOKK820RcaZA3ExnOpPFmeUXv0WUXu3Xti63x2d9sba59GXRMdZS0AR6NnH8H7R3T-X9PbQviqp5gt0ZwQ_dhPQVw_dMDxm3tffOmXLW-v-vm12KXU0ARCOWn_ZIVZMzKPnqy8A3cj31JTm5yQL6EQwdkUzFUAYDQkOqaGTkyqtKqHhNmTFsiopBsMysiOYhvqEp41iq9mBuv94UlV0XX7EBWUePyk0aCDttINRdGNUKOmZafpDw99SE2EwZT-gaifDTY2G2i2_a56_idCp60hqRJWIctjh_0YKmrnX95pD_SLP_BDNmsOjqHnhLKcZpixxM7mHkph1VAzwpiP5xUmXLDyWnrMnqpVDcIWoX116EAIK9ogslqb5y6IZHJHcR_8CS3TxdlWgCu_57JTb75OuTzawSrsBzX2w-2npOI5YbBv4BW18-AyRWOxc-0bCTWPchd4FV3Mz0h-GQXq4kdNHBOs8WnPYSAUscCu-G_MeL7_z-m3y2PR--TLG4Vag8Xj-zJd513pgiDyQaTv4quE44C_FXlFw3AXUfeEuhGIShfaYt7QGrctRmpO9i2x9BBBbsBTfaBLlWApyFVyG7O3zE2vsR_mOHFocLVgGBI0v2iJsJeX2iy7_b_Lj7uKdfimJKh2CGhfvR705h-2xQ5nluRAMeKryVvx9uQlWqPOYgJzXckil1OdK6ijkVrWWiTMHZsDHsd2moeeWirllb_1yNJXXWtPoYtobvR5L2_SiTvh_eEIprSi-F2e2z0Ufv7cg6eJ-sARtco756o-FS91-HfP8Yq2Xu1WA95EsPmyHlramVbJisqO8pgQYBHvFqtBBt_08DOVD2HkKpjFj2eLo8ED12mYhmR3SGynULQ2-1m7UmA_iJ-z8vICqnt00QRqw0c-Dx_Iu47Q7u0_DJ6Cp2MgqmAzLd0jQEYDcY-F8kmwqFPcaNFLZiBJmzKvWdM8wE8yaiggkwIfGel84CNVvDMFXJAGg9c3790cMAtmNor2y9f_qUBHI8uP9OUyhdl9FRRCmTC4DeXgIQ_mbbjW6jgoTjymDbgGPr6N-jmwjB8egptdNu5iKGPE3QjtiDG9jy9DGfP52rf2yUGSBE5TMtHzhCIjQ3Twi56ad4LqnMcxMy2Z4R2_nuZQbcYPgDmEphy4Uk9vajsCSnoYkgfnYvYtUPXl5u5Oj682MhEwWcwkzaYxYiebccXDDiSAQqgZTuiGrhxy92sjp680wWm4PugaT9sEpBGebby7pZJOGM0Tu8cofUfUXMuzuGcsZLUITVn-O9eVsXppi-sJEP-cM0UGT9HbjWRgK7R6f_C5uuVAam1nvjfVOzWlm9bf40e-qo6FmnLuPHr7lRrNGsEek1wGo3InnhQYie48JxtuSifpQohlEbJj9N0nCS_OJFy69Lz5h8v-8T3mTDPggih--Oll6h1E2kV6vkh9eRWIONeHmmBCczsM90N1ncBKAbsu0vFcEbIZCGL8UoJQvv6KYHXrXqp67pelmopGa6qLwijao1vmoKLQ8lMizwoTY8M4pTpKkK1SGhqieHiX6YdHXWfYMDqdSiC10WhsHqlHUc-VGuDe8b7SPe2yhNbJiwuqHtzM-JYAvcj2bS3amkmP6bL-aVKzRBJifTD13zzZOEimr-xogprg8SGvT-ClleXu20K-pWggyffMs5H3SGYVoMUf9Pect6EDIw4Ea24UWKsqlNJIoL8Bqqu6uDw84gek7H2FXfzy2yGLZXqH0q-T042BLPKz1cXwHlVFp5wwXDYmsJUZQmlLWPlGeRQ30dCFJhDoBVjGVJPyHqiEtFO-aNfM30LMJPuGU3v0zcHmRu3Y7XrVC3xK6Qpnn3FAn9T0q5JDIxpsNXSd93bCReLRmGK6mEkOYcnZCFmsiXzo6O5DIRnvg_HERDxOfkLNgKLxDFaCxRBXJ-opIk8Yggj3G2LNFsM68LLmKaOg5upBoYceVjrCryxkjfPu9V2HUOs8mJ7uGOAMa5i9RePgBjBQSaYH-jTPOa5YXL7c1_-Spmncli71TMKaCMl8lmCB_w8d8eqqRLvKYeR9XOdUHnKmDrn_-t5k5bCkhj2ordii9nl-qhasEzNZFZCdOmBkRKKBzEpT2Df83n9nNZYGv4dNAkWn0P6rFsTfNAtwif3Dg5vFLtptWMgpMSw6riW48lBNIaz2k78UqsbvM6d7X8gbEpQvZS3g8cjK4xplHmp6fJwNntsPjWF98knNRGbWeBwSq_i80_15a2XZqEu2Xl6y3CEKwS6QhTLnCWc-jFEJAoGhAfC60jwooCj4B6Mqhx6MBPV0dKSWQj0nVPgIX7x4YmTYOhuucMJk432DON-qQawiGgpWIF-5X0qOC_38X867XMKkHl0DIXvtIqIAE7VZ3WUdAahkW-Bm9k6jgzi8HhfBFM9SOoNh0YjB2CaRyjue5FyHonjmV1MMa1MXBxwZ4MnB57IpI_AQFhr5ctqPOKUFBrgBBHHwNd3cRSFCEkAnb_xVrSzP7ggdkGAFF9NYGdWDTjdva9eyiFHrG5zQIhqcjXm9QwODaxfEd6MXcQpIiZv24NY_Z5MSUKNwd_DjHRTnZhB-eWLOEPzBQCGNvme2bDRsZ6J1EJB_3dr0zBA0Q-5CKVyfHpJZudF0JIF6JTWQ9jfONk3nuFSw_kqWTcbPCl44DzIxC83lNHxyfEOqHiXnJZlTIhCXYjNspSSiAbAtWGDS2_a6xXWHtcFmxHvGVwkLC0ivjGGvSzfOSCU49GZ4pkqkk9_Ui8TSVpqzo8VqzbPJtj_xFJ7ko5iAfmONwyGbtyB4PY4hmhQOrTm9cAswGw47t701Ce2K8fqmLfiPVJZuchrZ0OicYqpsevhI0_c9K9k_17t5fe-wCLwyRjweeMD9fIifi-3ioANRg6Tzk3yfQ4pp1e53qUEFCa7VQybjHd75ktRCzVLrt_NWEsVH7zEC27q7J8GJmCI8WOzF-W7nmNF_giCgYy2hsIXJTsF5g20cGXlO49kbE1Gurc6tQ36jNAAhZt_VeW-RuosGGxqBL9uvxH5nq762pQ4CRptivc1-N7zycdD2_oGy7Q3jzrmcHRTJ9Hgiypum5dojHAuDiEe-WhDvGeRLE8Up6663A0neryWjjOIDMa4suaRQ7hNIxQFlWMJa784vZruy7jqUXoEVPMM_p_GZPf_fREgxt8lAKpFWt_uWU985ook_xtk_tk0aWK5SBMUexl7ZMyOkHhkUukJaa3HYag&cid=CAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e1cd30adf93dee9246c1012a0134053bd7c71b45f69b788216b1ac1e7d8397f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11551
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D1C 42 B
65 B 61ms
44ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8GY4ghkz7O57T4asTEYaWDusQqRP1CinAwIT6PUxPVpdHq5LaI1zbYC0yAk4nL0X6eil-dCP1cpiPr0zi-ODMgsRzUmzqNAJcXldKpp3IcHPM-Cs

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 9D1C 3 KB
2 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D1C 107 KB
33 KB 59ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 9D1C 14 KB
6 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9D1C 0
0 43ms
23ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKrE9LGjoolAraTAIvIKX2B3-2OWBHgNA6n2NocCKap9WnRsMTrB3cZ2EgWR-QGV1n67lo
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame A73D 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 230497
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:48:52 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F3B 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 230497
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:48:52 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5259 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 230497
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:48:52 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 9112 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8WsiOez3RYVw4gYd1JiC7-GpPZTAYqToksnw9KTppSOa0Kx7LUYv4aOc6Tt-gpHS3aXjM6vrcbOeoBf9SMNd6TGLj8ehiUwrlTH4spLzjfR6krlv67IspaT8Ck_rhXG79RemvwuJ-ERYluR0MCPyBBz0Amw&cry=1&dbm_d=AKAmf-CyUuaw0r--bM5xu0PtMOl-ilUEz3QCAFaC_UzyJ4Ds4vYQOtl24eZeJFOCv6fYr6ugjVZcsT_1BFdYOdGRancRJLZWcLn49iDPZzoginI2hbxYl5g2Tps_sanT5mbiez00_8-Q8rAN3xkskK4AATOFmBogKUIsW2WDSv4DHQWEXkkx2zX36jgCDitnEqtSP0sU9ZDvKSgbXzJMiiOH0lH6-Y5lsf-LgI9ASX3TYj-8a2dWHqh2y6OMd5ExQ26W3qPViP9J8O50i_tZPb-38wS04McbShCOC2XEUnMbqAfOvJ87R_d9muECwWvZQeGnE10MuU_QDy_E41-hf4X97jje8joo4G9erIuShg5phhWhJUy0O5fgR9lccXaAeXI-gBm7rkjszx4ckSab5lwdlELgSsS2IKGNf-z1104R-7vBJ-YQ1n8MytJxwwjkFRGf-W-qyUTsBhuAT9LDukg-diNi0m8rxMjp3yDXsw4kKuqH4Vrod9CVqA5OzlBPyfkALca0rUXk45dypzpggeeRcLW8eyTwOXaF41scpprQeHxpI8X1P4bbv4NVmQLqgb7ZR-sk33YNUAkrsMU-ahvIG-i1vA8x_SLHIvKsW57F9g2dPrKmE7YjVX27JGJ-lbU8PwZrhXg060L5UHUJAiFu7ShEP3WRugcjVAMavdS30hbjYHnYg_cj5E4u16eb8mu3AafcTQfMAfNhTRui4kpWPEACfBLofXBd06LL-Vw9FVUDR8UsG93z33Hfulg285jFPjaELmZ3MUo4mLAq125b5mcmUuXeyGmCr_-pubklUA577YU-ZkLKL8IR_h3Kc9L37UDcDD_VmArDkxL-_ib-_p9pHdnZfDcSWobSPo07eB5p3dYMm__r1mG4QiewG6Czh1B4i7WHWlZrrIq3_aHOgvHHcWvU5bsczhMg9cEYbojowTW26kqonYFkfFr3hXE5oOAWP7IQTfp1YK7bBxjlbGqACpDsMMu3NL0nd2X0QCcsrCeiJYoTv21ADss4btzmgTjj2NEtOGB44LFL9pIyh7JgD21JEXwsK72Fn9BQAlSAnxwxsRWFR9YHsPuPf2fP9zDprQgXG1igS5BLFN6DRu2yzs63LNixKyV0iuAlnXKo9juIDgTUemKS2GEYxC58xsAZay-B3tKPyitetNzdJ0mWKym6M6k68OkwDWjm7k479vLE-Dh0R0ps4RF1YbOQTmEfUOI4ar42nIZFtQwMNRIk1dGEb-lIHAR4zvuZ4NqKb1Eb3MvAGR4csBJ6cR4Tf991lVugONhhNOJN0cHbPiQpAolyg8_0xr2VfeXP7XkH60kXgKphEQ130LdginIH8IoJ-8v_fseLBGr53M0a7nBJYUvkpiS76xv6WSmf-UBBHOtScs0CiFsHu_xkPQ-4z1oVLHBQGZPjJOEmF59jto0Fyu2Za2C7R2-lg8O5fI9AXyiE2qx89LUyYK5m2Tx1BNCZun7mIod1moOWGLrnyZIlrm9Mn8KSvr5w4z4wKSfbLZrpF6DFASFHMaeDhLuIFpx9cfiZPW40B6iwlJeCZIX-Ib6Y2W-uxnL41simK7BzYy3BWZJSE-MFm_EQs2oM-Ynp4akkEl6-Pj_8i6XDrH3XwyYl4ylkBT4S3I5zfs1p4OzgKb432O03aGReRK5dBOtgAYKAGVlrZGeSstKHrZPkpySoGZYNUuX78pm46MLHZ2_d2vKJCTyFR3sHJzq3e6Fpy2PC4WhQSOx2wzKS3v6xzyAfCHcKz5edSzKKewIlyxIB5Re1dGohfaz71m2K68BqdoNEAYIX8ajD2Pry1FqdyyaOOlfDkD2JXGezPz0dhEPMyiz-utm0qH5vRrWOqhLBwNnf3ZQWqzY-Jac8odrffauQq_yTpezpJ15z8CxVy7nV37elZkGUK3Xfx3wLy8KX3iJ5A2A4vfnxnlUbgiRcImZi2BeVi9Jy3QyR9lLTk6zw1X1P3tXNZfhUrs_XM7dFLW46pmOSY3hdex-rF8pF-jQyDGsiN2VNmVJcH8FYsQIOgswyChVoIi0t31vLDHLpJ6u4spOz_UfcbZ1ZG5KVQWr2r_LyiFX45F32MpHunjYsbML2Ss1w4aoTW3eU0e9hxLZl8oY47twu9bCqz9JWOQ7hL64IAEM7S1riaIkzoW5TsEUf0WQ-Nth27e9RQCqgSa5emwm0CMfjIRnMhF8nqAH8j75j1nqm13etmgOilKAGKyvJPDFJuaHRq74SQ7SBmR-52UEPGmNJQeH2rog23DuB8c1nVKaXsUfCwunxIeFWzhDmq7aRkFsYW4hR5l_Ytyt3vClbY_IqV5GEcRPBjWRvb5u1yDdMVqauZJ2W7-U0zFfPgGJwCi9oXLVEC3iIJtDJnyOxy1-CZ9JgVsQ8qq4SHhtBYMEN0VyVb70ZGijKOezuom544myW21PkJnM3jUmzxX5wXpHFFeneLY06PtMgtzvR8HgW8z6V1Xe4lCJWhL6pq-cqeDvlzIYBzuKNg309WSev2jcmUHA_VZ8GCWCfODz00WcHz9p3FHCD_XTJNo7SqqCDnBqqI7RC5DgY4eCxZVHUVxhzGd5_mDVlT9zC1kWbvBqLH_a586UC-ZqR8cjlgdIk4U_cQtLzuJam2F7E9KIkC4dySMk7dphjfvkSF_q7i_kyoCBfS1YdsF4WrqvljJCQ6-U9AaZdOKMbDMv4OKpOr_3_WBFXu0LkIgMRXmL1gY2DpqNYzY4EGZnHfeD6efVlpOoR6rlEP27FlbA-9DH29HJ36PWVwhfeA0DSWg3OGBLrmk0-nisJLoywznvQ7iF-iuyr_zvMcz2VACOZDHRS0-fiPmJ2Aa1lZqtQTAms0gQkGZteCQdnX6aXvjWomYTKZGipTyZxEFaKV8TwqHsnBqOlG6H2m6haVybweNc-kSxHJL_p_HLvWnBl55kdbuOAPIvjRU9-KWdqfVOdjLEbbHKPUNNxBc1AXqyr0AhaKHhepPDHYV_MW4MxygRCQlYnOw7h_ItO6rD_VXteCs90SmuZJ8e6GlPVcnVCj_4VMz5Y3n_GyorlKlUs--udH7l_ajvKdSisvLNtc4lK0pFddCovCzPNoaBu5oIvHKLi6KbEanLWbNFQ_DSWERiiAW-3lYepIVjfeWoEB3NzSryJaMrGih0LDySvWV1sFUZCd9NgaOEOYh0NMmXyVV5NDmJEo12GCvxzG02CNadqbjFl-5AYasDW4xuUQljqR9JYdowNfPV2hJkqeeDfYw5BDK6E2LMszLsZXEiqtAi7Ozd_VQai4LuHF6BTvTJQFlacbwCqnUbVBzhysqX3LI5aQJ6aaAlEMjsiMqCEKQ4jUkEnyBDYjJ0lDCVha7yhCpfCd4-Cu6aOcD7w9aH7DOt8Y8-IdqL4fAv3XDkXNy7NFE175E1pgMQLXm9uKI-DiQ&cid=CAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8953
x-xss-protection: 0
server: cafe
etag: 10862945726693812791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:29 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9112 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 9951 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJp9wDUVFmBqEe2Ofmvg20OEhkKt5TscSynedpQrzIQfxjYkBAbDySppKqKRj96AyjWt7IKntoGvE55dVNLCh3drQgrFjPy-gWTm-nIoWHnKOf8yEjYFEuEEpVoV2uIx5H33utJRAFPKh1yikLneuSNHC3_w&cry=1&dbm_d=AKAmf-CtZn2pbt0iw4dQdH1b6d388VDJZVAl57ZARt3AmSUvXldQVDbmoSBEDlUWQFjjvkXVf3LWXXxmSutwFpb6DsEcjYfySAq3oOnXuuoypQSKMtn4JVmotvhbQaVRg0qzYmymS5xERSs-fKiEmF5uhjucImLlDMvagE2b9O0ZaUAkU4kY37JYP8vS3_gud_Q8a2ybdqVb1Jeve74RPw5oAqUo52YTYr8hEQ9n6w67lKR9rWZE_GllwGxPNwnx295beR2SohxQNKBjxvrdrbNJe5bUk0X-SJSMqbm8qT4P5hzPRP6jW-0O9QDqd3Yv1IC0htQ4eM3kKVYwZV-cPvc4IGu86JvfC1HGG4yipm-JO8KoQXUwu6b9uHAbvzAW8MtrQ5_ZsaDc0DBKLFMREjA2GsC6X38FGF3hmK_dcmM-4MUl47JdWxQjzCcc7Mzstdxf8w9tbJobHUctrRCPPsfhdGfdG6YIHwNBW-Sv8pyY-QNk8JnHOjCaqYMKXRg23A1FnQ112091eoY0IygvlH1WiENZAfPPM5X5yYIHg2nQK4v2cDPGhXlE3R_YrHfVvGSObDmdKR9XQZmapeXw6FvtijjgL761EPYVgPEtYivJpAp5SRgGEh7P1KuEirlhtHOQpm7Rmecn_2YwbPiOaiAOOE_AvfCamLG1NGrfHixjR5aMxAJPKzxFossvNJbjckItl9dmG8CwdLsni_esbWkuvuU-K-kcYqacWUkgzBFHIN29Ohf8LuGmbMYqTEWGMeBV4jiEIOecWQ670S3RFtxdS-Gom2R0fetDNpKMxAAtQr6IwDYquFGD-jkdE6GeMP03je1pag26M8mCJnVgNFT0fQpQTnsPooar47TzfxrJVeaLyO7KOOdP28eU5Gopf1w3l8ptzLDswkfaKf8w3nY8oDnXwHZTF7ehV-fq7pqaSC3Z3KSkanL6Yvl0ReAob2aZRGEb3L1huCSFqShQ3thH5cvejEP2cPgcQpwmPyastxCT9A-cbhzxh86JpOkZZQnGrqodOWY9ttbA_TUr36kQByYOOU92FehMjDWl2rQsW5sGtHZGvfoM35ROhN6eV9LezHkbuQ32Qo7uqMUJ6DtFB6RlbIVX7y0RqT7cidApkJepl97SO8hX1b0t8gQKpThhVvKwoRahmCiMPsIZeYcO1AnzcJWPdzvipU9CADWspKQlBmEyf2tfVtEZWPI4KN5IAtoQkDkZpxtfKuN1Z3VuJggWJ7zR4FC-q7NVS4sBxEtdEnLq-RYa4YO87QkyTCC9InEj2tZ8Lv9_g2wmbSajb2Qint4XJW35t3l4b7u62-MxWVXEfPQXdS_gbPM-gt55qUgoIqQUKLUFbjtNJ1RYtLg3N23-6ucdl4JeliPJ31yl_wYQhJHk_iHaUQiyDTJLVv3h-cZQSGFGbtJA2tyZdLSdZm6zHC8g7KgP_9KZe6-I1joD5Wp9XOVf9D5RTfHJVmUsOkAupkDXEc-X_PYICG2uHFw3J4POAOnVwIUzIixylpBno5BE72nunIOwsGToVwuas1oxEqjtBuR_Tz4LDpq_Vq4T_6qQkyEoCvVPr75IMxYLU-IqyXS3ortvlMxP2bDlAkqTbcI58yX-fDEY0j_RR0tqxfKICS-bsbm8qttdm0HrdJlM4OrMnFpqUeosB-qI5R4apD8wFPy0Rt1279bGwc7S_UzcUUteMeORVOXDLGdlcw3GA_KWqeKRu9DbI_rK7L8gysQr3mQKZXqfgDKspnBUPLacORSVZhndh5TrYNoTJ3vt6DiM8DRcknBe6c7tj_KpAHT1TIfVr6Nc-_MGSBUY3tv7qUays2HwxACh9B2y3Je-3JNl013vE22HKLWwqkkZimVvSCssapHJ5Mb-V02uXE3mjD9zu4Ht74bJFSHCtChv7Cu0AdWlhQftgBlR9y1_qN2YOhAO5AnjEuJmwWDN1W84Ji5VqbYP0mLD_AJzyoqepk14tn8PpNcX-yMWy02iig1Z8HeXIe4ITObaMPKTGCgUbF9BwUFKgTI96q8WOzbEqNrVe7l4fzWRvjAfbZp3nzsXhUNhHuFdxJx_no4S2yFV8FWaEGC7Le_f8beO33DLWMb7ElKy_7DtwX1CDg9UfczMjkdqXlc8VG0mzHX7dVlR4Bf7HKfspw_mfRj0S-UWG9bq8ZVIPZ963we7_8UqLY9Wd80j5eC1-nC61PR-LccHLUDN8w95uQet8xSoy0BltWiwrRNkI2L3yNwFqGuly-bFJhd-cTPahBsE7deWhohEaFv2KN5qkRI78PHMdbDk1vJFq39hOAsozeAmpwCMCsJe4WG4aOYBpnlL2E_azBjHOLR6mgeYAhQtjk2K_0z-fRuRyNtyhr-bukHuFphjbFekpTSJ-Q1NFum8TEKJGMgs2oiqbv7nNK9tt5VzSGj1kD37xjhPl0jNEdqVh8RJVzlAwQ9qhGs2rsn7lYK1Mfe88-o1PYehr3kH7qkgvi2NFDAN8OZ8MkkEFyMdTF9iYt0OKec_NDmPkovb24x96tkcS6gpcx2FVg_n7QIsKbap37kDkssfxXyDjSlXHK3dcM1L3oLmRJXXRuLGDawKMCsq8SmUsA_qpaugMLFjC1Mqa8UWVkMkKf5GZjsxZeJkXVdMG1t3eWKECrDPevebPjfVjqadAU-BmoBuoM92t1tJMTPBgdXIpIe7M3ek2oXR-NOBA2OMRyIMt2QSGdcJU-HR-MsnHYQmJAGSCvg4Pl1sKO0nefqeBwMp_8W3XKw72JKgh0EFJbah-AxjZSKnA7nP8EPDzkUri3Is9ZFcStUxmP3I_KR10VpbsG68x98zbrvssUJMALWapd2BrOHx8xz9Y50IELYkvBPzhOX-Gvj_OukCkLvlfb2-1WT9o-wtS9ll1Uj1TlPPSGAelvO6Bais970HIDqrobZOJfNAlekrNIOrzqDi1Io826ZIBkiE7sIq73C01tzFruyg9lZ3Jla4vUcIu1gwDJ10Q2dU7IbJ9L7bTvWtiIM6GaaIVzPXO3tqSKhAIOcQJrnQigPY3Sc_UXCeoEvHyEpDJV2Nut6_YqCv-one5WFzHu_kjuYcX1FK1h2rMHJi_BIexV6Uf7IjA4VC4uVTj_Qbv5yzqQlTWmLthCueuUqYeGjHt_g1jMp1tNeTFOaqEv7bKe2lOPTWmVWpQAT9cCXsWFekKIhqGKh6068jyAnYLkWtV3IT91_ibnrNHD11E9LGLDQGp7D06bgPZqk6VV_8m2xLCqSUFwXPBVnsoXSFwZPLUuZNuxrL6GSuikZ4EKjRjco-75oWZQKAx6dOX0YdtbatiN8sJUIhV3pOcpegB0klVFbUoXTK4K1y3op1O4euM2dvqZY11QWvvyayQmLPvPmnBRyps6skfGOIxcIfdh1ttdKWpXy3RMpmuIbrfXMALzoYJwA2diDbZstfkdi8HABX4DY&cid=CAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8953
x-xss-protection: 0
server: cafe
etag: 10862945726693812791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:29 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9951 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame E871 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcPExiAdRFTAxRYuuZC9ptPGc8bSWJyeKHcdf77hO6UpvF_gEhAuIxo4uXZRjp1g2E_ZmJpCeTGeGpcXTfQb5MAWcyJJMVDuxtzt_EbxTBzYPKi3LBNNMU3t5cUX0dUpdLnR7HBC08q7A5v-FSJspLi47lIw&cry=1&dbm_d=AKAmf-Ce7cRdCidGrA7y1QePffZnmn5s9Ou313A63v909wJz0H8_jIwY_WY_M-P92CEV5gKXqpwU909shJ5uhV59bO-nzJuSlI6KOqRMae_eFSpL4k_jto0y9m9vrR8f-6Muo0dFhRpR7z7mn3Ifb4m0vCw72HeBUwMVqLh8M-J6HGK2qnXtgPtz6HSGXqd7nvYf1P5cgp_dfedPiRCNHEBIUGJxkWC2_Nzh4sgqYJOZi1yNAyOuCyAMmmBHqeb29MRXkE3wC8veEsPAK8ps8f-pFIEj_JYq1kWWq6vVIH6RHegX5l-EH3tnB0ymVnNggkw6MAHiBl7s6hbMx-grlLysdOV6-HEkt4fv-3gchd2XbIYaPFFrrDIhR4pqXyZjdWsu0HY0a3lH70yfidNySZWQYgo0JblnFiohD7kF4DAnJdMcHEbpLSxkmt3qh5tf6UNirmrdDwZ3lXN2BpkLtwctZtMR2Dl_cspexsc-ybnN21nbVznGh2nxSXx6o6UZHEqDVmWNyvARLJomQY5uqqLdfMo7jpNLOH0C0Zf0I0GPH32-uXqd1PoOM44KlfeWDucgXoYI0bKQKut1_9ADq35b7glUd4Qyt6LJfCf_6deFo49_GRYTQm2rutFBGXRA69g8CToyZNxgddnsUOia2xzL23609BCJ3skV-S9n0NipUVxRQf4_41HU82v0hJ_u8X7f9ho_mgvAbQ43SKcTnFZKlIuJ-ZG0qw-It7qjLmJvZQByWQRKbEaXvuGmZCVa0NsAhORLf_EtDj9dnjo2HOZeX3jrzo34xRj0qi2zGRUrEQc2uhZIheqz3ZJuoTtc9d6Hsghzyoo4IYr703hFSl-S_N2-xen3AqEbA51PDOm6i0fNRdyiqMxpbDC375tAtD-KGq5SyoPQRJhAMBi4cGRLrtLHgFTc9scdNQC8lXsAPs3XR-kenT0_tGLRnRvgh15vBEO8fuVHhjDsj1G-0papQ3M9aY35jfNnvKfOLTDNksCtaYLwiz9HQ654wl-2qiHViEPcUfG4o-IyXdA8oY7ox8rb63zFoaApooGdFjlENi-wGvn8_Y88mna02rvqMc9O8r3YTtZFsb3YpCDJSSStTSxRjI4gmPael_yi0B2Ln3kyAOh-9W9tJnqnpjfw4bnGzBZ_NunUEDuFsdURWmvCIxkIokwPfpZMCFpVNdSOfxZRfES70VjSVD_OQggK0PxiOa8t2tuO1Wcwv5a9jf4HBmdqDdsQ9PVYPa5f_TV-Rzi6vIPWZ_Tsi4glQIokoekc7JiARVNNc03XVRPJYBYKo_A4DdY0vfbKgmPhryCeK7SJroqh77aqR4BuDyXmLDdRDD2ZXrmvwhGEwhoP9PEOZYIKihYodcfW8H8ZIzU4qeeYggZrvXT1M3ZmJgrQHGi13UrZHWTkv5vznXskkLkwXqhQrjvQYa_UXpRwvSQP987nj1T7SyX72Dxj3t8wPF-Hvcr6DN4lYLFTNyRnSBFWvlhcrKWOyDCvYkPEnTcUVTMjQRtDm9KLG4g5CbUY3F21xqJ_jhiAlEND5WQMoMUZWsVtfcNK1UH_KcOTVHTtZQHwbTPvAgW3nuHmKYxb0-lA3fbSzHMwtftD-Rj3r3Ji4I2QB9dKYEO2T0Cd7p_u9k8ZW5AKTL6VW0CHPnQvHOYyphm_IVS5cgQFabON1V-HytyAJSfKLHaTV3DmzidN4bIbjEdPUiL18bJYkVUc6GFG76SKaCC1a_o-izcJ43D8bsd4iT48VplNHempEgWtxTWZZZHxgXN2QgasPYy0WfKbLaDKqhLmqR2OsSi1aGAuAf-nDlxo5J1NPIwrnFXLPnWMTaGT65PODUrDqbDdimjbf8uXprIpBjsAm6kcjmhDyAGDU7Ra6nmIxdMNS0Y21PGTxY7p6VduzYYWFXG8T-g-4ZHAnG6n9DeN85dNKNlY3mIBdWKYrIJwOK_oSyQ39C_BNtsS56BB1XpUdnhlhSK62BBs2jhct4UwfmEZJ0OBeoneSwNs4OQTL7SoMJs9wfcuIRAjCD7b7O17PinWarjt45qP_YV0ih7oSHuNCTfF7afPxVydtzKaaSuEw-XjyisdIg6kzuqjxifB88uKnvCfZPodezLWa79dsDJsWHhpY6_1L4gsBDNqlf-g91zi1X7QXDc3V03ARo2VrWjUzTxU7h9H589ZeZqwRrWCfSw40yE90AvVhNubLUuTF-ixpGFxNQXU7LoL6QK5myji-ztsv2_7NH_-rrnGhcW2IHgMbbOHGKZ1Vl7Av9uLYojeNg9HDZBUt0MrT47kBFKmMSKEYogP9P-b9bNNOiXouUHw_wl1tbdXVKP6lH5JJoHzRn8R6lUCAcXf9F8qq8woboir8Sdnr7yv9ppEVtrdMj121iFrCjxuwbvM5Oi2J5de9nKFOfNPIIYgpZm3tcpEJFZDhZ9MxX6beEv70qLpLYYHU3wGJsbQTc9chDrw1_U6hT9bZLKac_jgwuZaoj6rYxaO8DSFD8yf9kTQKBm6S2-6Kg160aPPWyVJEM72ixHOelUi4aw0Oe7eAUTFDDkRREO_yvPmb-CHgyiG6MspCOyJD_9cmNE_xsvUCm96Ffjef2dKL4wEb4MgBTQvEt3Xj3jmLrsBcxJLIh-fNG0ll1xguzEtmuItaojisBiDjLlDaKZTNebMCtsRcey6cD9HjHdwK91gG2CVApvb44_oQEukfHKnF8UBg5yEWwmXLmFZWGiSdiWRpJtwpxb_yLw1GHrl3ivoTZTW6h-4iPAvcn2KTG6ixju3eRLWdRxI6Dl1mZGHymvQryxydpsYr6PU-fO7KLILTFk0usM756qAmiJLvp3fnpwqvJwnKG7zejvPKFjy8Qxm7k9sdSlVHESc2QNNkx5T-Bv4yP6yMesZ4mCewmf7-9GMyiUY-VjjmYZWvdxcji8NsxlPvfT9cmLizPe1-XuRzL01B918odJ_FjUw7XNXw_uPXB7m2KVToOG_RVpqso2t0WnEtOd5-UjjkRQiCH4ZirqoTfgmm6618ONZre9zyvcV1nSQBcAvNuzN-eaY-b4Ms1__ed-X8dWu3Jk5m8LFI0f1t7P5w1idtK4M9L9yifQBvcoabdaXPXYMuGWX-F09dkKw9L6EWOwH4NNZdYhlCiol3Cf8BHpnsHA0jfzjDLOcF406sZzxErG2e_DRkbz1GBef8zGs2zralvIznBxNPbSi1_sJq8gfn3PaiuaHu1Xm4tKym5Gd_D-L6RD_sHJ7ZyqrVu1QdfOV6KGk1wmA5viK4PjD94tRPZwKlfkYHoh3Cfh2ra80ecDwYGbo3okux5xdXkcMkg9LnSkG3ofNGXg3KhimF0GqSsIy70GyHZnxKlZ0aapJR0rScUkXKGEMuXQzyXkOmhU9VcmCpNq6ZOTP2Dmo4pQRN8lkelbtXd8ILlyvaHtcBZJ9fLQuror2ofw&cid=CAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8953
x-xss-protection: 0
server: cafe
etag: 10862945726693812791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:29 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E871 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9115
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFK9XOv1YPQX_aftf10p4r0&google_cver=1

43 B
1 KB

151ms
76ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFK9XOv1YPQX_aftf10p4r0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.78:80
AN-X-Request-Uuid: e97b863c-3f05-4253-b9de-ba695deca630
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFK9XOv1YPQX_aftf10p4r0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9115
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyNjkzNDI1NjYwODQyOTY2OA%3D%3D

170 B
190 B

21ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyNjkzNDI1NjYwODQyOTY2OA%3D%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: 50e96bf4-0211-433f-b325-92c92caa9f1f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyNjkzNDI1NjYwODQyOTY2OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9115
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5R2gxs9lv3Gq4LBOKCcL0&google_cver=1

43 B
180 B

41ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5R2gxs9lv3Gq4LBOKCcL0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5R2gxs9lv3Gq4LBOKCcL0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9115
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjA0MzNkMmQtNjQwNi0yMzFmLWYyNWYtYjcxNjM1MGYyOGFi

170 B
190 B

20ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjA0MzNkMmQtNjQwNi0yMzFmLWYyNWYtYjcxNjM1MGYyOGFi

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWSpFDJ94xP1zIDJCsFkvp-Ini73g04FDSUcTDU8BE5dHKCdttHeLOXEjzSUtJNEIp1Z6e27X62wYG8gIMO3R6PFqfaKw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Feb 2021 17:50:30 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjA0MzNkMmQtNjQwNi0yMzFmLWYyNWYtYjcxNjM1MGYyOGFi
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A918 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
DATA 200
OK truncated
/ Frame A918 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6646817db7adabc09fc3385dbdb4f6c099f8d89f22e47942dc47849b6b314f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/ Frame D32B 7 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

780ec863fd97e0a7d657bef2d59ed437a7eb5c4f165365006127fcbc86f8be3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2055
date: Mon, 15 Feb 2021 10:18:01 GMT
expires: Tue, 15 Feb 2022 10:18:01 GMT
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27148
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12B7 0
87 B 50ms
49ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2V4DAQqYUUk19FlMuX4cJg8C1J7Si1QEkUBejAkJmOaozyX3_N3OAVzk6P7BNki-ac2ALNuuE9ID98rfXBdEOX0UxmrGVVY1VnWQrl1AsBe2z_FDN97mEuyONGF8QUPxS4XJ2LsyZjN5kpkZJ26oCkq8NCyxeVZw0HzSRPQH-43gcuyZ5DoKTjg9pd_MY8UlAuoW9JkOFPlxZSia2XM59B9fz525vBKm3MXXzdUBHlTF_ekWOrH1OOfMYiZ0rELBG98npvAkkDYVbdFAvbAbggHIQY4qZpFMpuZB4Q8pVKXlWRdUSRHYafWssehoUlVVN61k0CII6-kCi3iIjAvlNV7RvpnjiCFONAFzbi7c86pghYwY2lXIJtlen5g5-SuKWMkq7sePPeEHqZ1RrzA2Rh17z_-gEQq2xXj6RsWv42l9FD4OcTjted1gwohPXZUWnzVvxNlGjHxmiL6f3WWf-tnT9MNUx_MkIbcmgkzBYW_qjeVoGP6A7v56jn98YIDeznkNrbaG1F5wApFTe-pCMq0QqzpyAkrvy31lxC9En6DR_xPvhb3dFo6dptnoTbjIrWcDGAvh5rluiwtxu9mhxwqtQQtfDYN2w1mP5lgM9mQLTKiWPVO4c64WrV_8WKdW6Uw_VjJV3gOCByIhthKMHyO2At8hJmN6CaUJGNyY_0j3TDfLDd3r7tMoJJLbNVTB7hHvxQBantIH19QD2YDiW_X91GMJVZo4FEkejl9fFNUWK8fguEjEsrDAwG1-N9T0VnZoEFDiTgAKk0RUueK9Lh-zbrdPPk2CNjamm4md3A5jTLPY0zgUh2k0sc3cnegLcAnH55rtC2D_A8sxy7p5o2QGc8Ylmpgs-MelmVmD6rBZh-n128GfjhBkqm_EFNMCUSWoDDai-atJNgM-GohLQpnKASaeBT0iyA4ZQE9CqgzRBBoiS1DZDE1-cWpCTJObx4f7qf74ICtLdP0AIGqbq2Y87tU8q6SXZUcAJQPMJuGe0Pqsb53b7kgnN1HEhfCqdZRIK_DclEQYu4G9CvQN5-S8iINTImJbMkfdE5Th8UY0p2xkIjYAxlPm-dCi018sDoCuZYDDGD5oBLJGCLZtLFkdjUeBHi8XmiHRRUTcX2T_CquG_PZYUMb3MHzsTG42frybZAn0mGEDuNV7nAiV_4NeDKJ3yMHPp31Lc&sai=AMfl-YQxwBRoADsUqLSr-bJ68iQ2Zk5CtcgPvLvuAOAX3-zQ9JdHkec93pAtbQqqsLvGNVbyZ2dqOQ9cyi4PbonK4p-9tgyzHMywEAoq80Ik7_MDl8WDbgIb1scWys5kND2cXKK3YFUFn9tWHKH1PD8Nzl_Z606e8HhZcSDrFZ1hiWEdJiGiKY1F5Xo-ZzLyca7coqI2Ds8msXccNb8Tz5h2NL7Gu3lNxRO8dGm1RLJ0iZNqUPgaZLeqciNCUHPm417ThoD30QFtvbSrOGZCcBcfWiKp1MMZ_glpOWvlTTUhBy-LAUUbq2Y3cI8uvBc7aOXxs-1PwmS0hopxaTkCZZD9FixuEUU2FKFpHM3eeS4Q2x3CIa6avirm0HiLo3c5X13hO9g4ykDs&sig=Cg0ArKJSzLIwpk4b4uBGEAE&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=178&cisv=r20210211.93297&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Feb 2021 17:50:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 9D1C 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUpkkx92v-qZdnPSyA70monSZTeBj2Yk2We9swtmg4_LiDxmkzeYEPwIe7qL55FeceT16W0qFZw_WKDuqz9uN7q9Tuh3HcAIGewX2zKA71Nbvof0NTzsdxMTJAP4-acfeonDrHJ5O8S7yFlgE_NMPeNp1lDw&cry=1&dbm_d=AKAmf-A-n8yvcAoyVLmOPwUlJPcakcJZY9xrLr6cmQsF0d2_ktAWil2liRJF1SGbjXdMJkgCvaDtBUJgi6bEHusv9JCgt8wdA9WFK3j_EVdTw90p3kons4B79zkydwsq6MioR0Z_v3yFrYsCHOTNshDkFn4N9Nm8mTce8E_8QfDRBzhF6Avwb_ZOKK820RcaZA3ExnOpPFmeUXv0WUXu3Xti63x2d9sba59GXRMdZS0AR6NnH8H7R3T-X9PbQviqp5gt0ZwQ_dhPQVw_dMDxm3tffOmXLW-v-vm12KXU0ARCOWn_ZIVZMzKPnqy8A3cj31JTm5yQL6EQwdkUzFUAYDQkOqaGTkyqtKqHhNmTFsiopBsMysiOYhvqEp41iq9mBuv94UlV0XX7EBWUePyk0aCDttINRdGNUKOmZafpDw99SE2EwZT-gaifDTY2G2i2_a56_idCp60hqRJWIctjh_0YKmrnX95pD_SLP_BDNmsOjqHnhLKcZpixxM7mHkph1VAzwpiP5xUmXLDyWnrMnqpVDcIWoX116EAIK9ogslqb5y6IZHJHcR_8CS3TxdlWgCu_57JTb75OuTzawSrsBzX2w-2npOI5YbBv4BW18-AyRWOxc-0bCTWPchd4FV3Mz0h-GQXq4kdNHBOs8WnPYSAUscCu-G_MeL7_z-m3y2PR--TLG4Vag8Xj-zJd513pgiDyQaTv4quE44C_FXlFw3AXUfeEuhGIShfaYt7QGrctRmpO9i2x9BBBbsBTfaBLlWApyFVyG7O3zE2vsR_mOHFocLVgGBI0v2iJsJeX2iy7_b_Lj7uKdfimJKh2CGhfvR705h-2xQ5nluRAMeKryVvx9uQlWqPOYgJzXckil1OdK6ijkVrWWiTMHZsDHsd2moeeWirllb_1yNJXXWtPoYtobvR5L2_SiTvh_eEIprSi-F2e2z0Ufv7cg6eJ-sARtco756o-FS91-HfP8Yq2Xu1WA95EsPmyHlramVbJisqO8pgQYBHvFqtBBt_08DOVD2HkKpjFj2eLo8ED12mYhmR3SGynULQ2-1m7UmA_iJ-z8vICqnt00QRqw0c-Dx_Iu47Q7u0_DJ6Cp2MgqmAzLd0jQEYDcY-F8kmwqFPcaNFLZiBJmzKvWdM8wE8yaiggkwIfGel84CNVvDMFXJAGg9c3790cMAtmNor2y9f_qUBHI8uP9OUyhdl9FRRCmTC4DeXgIQ_mbbjW6jgoTjymDbgGPr6N-jmwjB8egptdNu5iKGPE3QjtiDG9jy9DGfP52rf2yUGSBE5TMtHzhCIjQ3Twi56ad4LqnMcxMy2Z4R2_nuZQbcYPgDmEphy4Uk9vajsCSnoYkgfnYvYtUPXl5u5Oj682MhEwWcwkzaYxYiebccXDDiSAQqgZTuiGrhxy92sjp680wWm4PugaT9sEpBGebby7pZJOGM0Tu8cofUfUXMuzuGcsZLUITVn-O9eVsXppi-sJEP-cM0UGT9HbjWRgK7R6f_C5uuVAam1nvjfVOzWlm9bf40e-qo6FmnLuPHr7lRrNGsEek1wGo3InnhQYie48JxtuSifpQohlEbJj9N0nCS_OJFy69Lz5h8v-8T3mTDPggih--Oll6h1E2kV6vkh9eRWIONeHmmBCczsM90N1ncBKAbsu0vFcEbIZCGL8UoJQvv6KYHXrXqp67pelmopGa6qLwijao1vmoKLQ8lMizwoTY8M4pTpKkK1SGhqieHiX6YdHXWfYMDqdSiC10WhsHqlHUc-VGuDe8b7SPe2yhNbJiwuqHtzM-JYAvcj2bS3amkmP6bL-aVKzRBJifTD13zzZOEimr-xogprg8SGvT-ClleXu20K-pWggyffMs5H3SGYVoMUf9Pect6EDIw4Ea24UWKsqlNJIoL8Bqqu6uDw84gek7H2FXfzy2yGLZXqH0q-T042BLPKz1cXwHlVFp5wwXDYmsJUZQmlLWPlGeRQ30dCFJhDoBVjGVJPyHqiEtFO-aNfM30LMJPuGU3v0zcHmRu3Y7XrVC3xK6Qpnn3FAn9T0q5JDIxpsNXSd93bCReLRmGK6mEkOYcnZCFmsiXzo6O5DIRnvg_HERDxOfkLNgKLxDFaCxRBXJ-opIk8Yggj3G2LNFsM68LLmKaOg5upBoYceVjrCryxkjfPu9V2HUOs8mJ7uGOAMa5i9RePgBjBQSaYH-jTPOa5YXL7c1_-Spmncli71TMKaCMl8lmCB_w8d8eqqRLvKYeR9XOdUHnKmDrn_-t5k5bCkhj2ordii9nl-qhasEzNZFZCdOmBkRKKBzEpT2Df83n9nNZYGv4dNAkWn0P6rFsTfNAtwif3Dg5vFLtptWMgpMSw6riW48lBNIaz2k78UqsbvM6d7X8gbEpQvZS3g8cjK4xplHmp6fJwNntsPjWF98knNRGbWeBwSq_i80_15a2XZqEu2Xl6y3CEKwS6QhTLnCWc-jFEJAoGhAfC60jwooCj4B6Mqhx6MBPV0dKSWQj0nVPgIX7x4YmTYOhuucMJk432DON-qQawiGgpWIF-5X0qOC_38X867XMKkHl0DIXvtIqIAE7VZ3WUdAahkW-Bm9k6jgzi8HhfBFM9SOoNh0YjB2CaRyjue5FyHonjmV1MMa1MXBxwZ4MnB57IpI_AQFhr5ctqPOKUFBrgBBHHwNd3cRSFCEkAnb_xVrSzP7ggdkGAFF9NYGdWDTjdva9eyiFHrG5zQIhqcjXm9QwODaxfEd6MXcQpIiZv24NY_Z5MSUKNwd_DjHRTnZhB-eWLOEPzBQCGNvme2bDRsZ6J1EJB_3dr0zBA0Q-5CKVyfHpJZudF0JIF6JTWQ9jfONk3nuFSw_kqWTcbPCl44DzIxC83lNHxyfEOqHiXnJZlTIhCXYjNspSSiAbAtWGDS2_a6xXWHtcFmxHvGVwkLC0ivjGGvSzfOSCU49GZ4pkqkk9_Ui8TSVpqzo8VqzbPJtj_xFJ7ko5iAfmONwyGbtyB4PY4hmhQOrTm9cAswGw47t701Ce2K8fqmLfiPVJZuchrZ0OicYqpsevhI0_c9K9k_17t5fe-wCLwyRjweeMD9fIifi-3ioANRg6Tzk3yfQ4pp1e53qUEFCa7VQybjHd75ktRCzVLrt_NWEsVH7zEC27q7J8GJmCI8WOzF-W7nmNF_giCgYy2hsIXJTsF5g20cGXlO49kbE1Gurc6tQ36jNAAhZt_VeW-RuosGGxqBL9uvxH5nq762pQ4CRptivc1-N7zycdD2_oGy7Q3jzrmcHRTJ9Hgiypum5dojHAuDiEe-WhDvGeRLE8Up6663A0neryWjjOIDMa4suaRQ7hNIxQFlWMJa784vZruy7jqUXoEVPMM_p_GZPf_fREgxt8lAKpFWt_uWU985ook_xtk_tk0aWK5SBMUexl7ZMyOkHhkUukJaa3HYag&cid=CAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8953
x-xss-protection: 0
server: cafe
etag: 10862945726693812791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:29 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D1C 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 12B7 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
DATA 200
OK truncated
/ Frame 12B7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daff2a3cd865d5f34ae7a6ac0a2ace1fd4d87f5157c5d3efe7ed86e049c91fa5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

um
sync.teads.tv/ Frame 74FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_sc&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIycXJ0tal-tgfHRoheoRhw&google_cver=1

23 B
172 B

77ms
76ms

Image
image/gif

184.31.88.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIycXJ0tal-tgfHRoheoRhw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 15 Feb 2021 17:50:30 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIycXJ0tal-tgfHRoheoRhw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 74FE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZhNTgxYzJiZDM2Y2UwNTdjYzU3MDg5ZWQ2OTVjZWFmMWE5N2U0Yg==

170 B
201 B

18ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZhNTgxYzJiZDM2Y2UwNTdjYzU3MDg5ZWQ2OTVjZWFmMWE5N2U0Yg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: akka-http/10.1.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZhNTgxYzJiZDM2Y2UwNTdjYzU3MDg5ZWQ2OTVjZWFmMWE5N2U0Yg==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Mon, 15 Feb 2021 17:50:30 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame 74FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_sc&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEIOfOxDk5a92TJgvYesp7yE&google_cver=1

43 B
183 B

288ms
87ms

Image
image/gif

2600:1f18:612b:4200:8331:bab2:3072:ce38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEIOfOxDk5a92TJgvYesp7yE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8331:bab2:3072:ce38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhi5192cATAB&v=APEucNU6rtL0A1Fjaqiz81alXWUTBcEeze6ytO4Xv7fPn9ccUuKiHK-RMLQHjcJDEUaMdITsLGxGIMxS7hXydh0CT9wuwnNSTw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEIOfOxDk5a92TJgvYesp7yE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/ Frame 0A33 7 KB
2 KB 12ms
11ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ea9ac69c851abe1d3d88cdfeff53463572bbfc448da01269cbaffdffb3b167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2048
date: Tue, 09 Feb 2021 13:46:53 GMT
expires: Wed, 09 Feb 2022 13:46:53 GMT
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 533017
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame A918 0
23 B 50ms
50ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQI6VUtDQ7wEx5BKEi5JhZHX-EKfH4__R-AxEH5DNm-4U1eDdjvG3YbEDAsnIkUDFAszVRrFIa5wV0ecdoDiWido6s6UC7gqzzmoEjmbgFczYpWU87rLXj1no9yxlrCApCiJUjd6idEkEEPA92pY93F13DTpFuaFbXfOs_aSDky3ulKRj0A9z6LKm6wzRR41PnpB6soqwSLn9fcAbogCAS3N1OAMFv2_rfldBo-zgkmT99RiCN8N_iD9P8wt8lPU_mmhsgEIT5d602Vb16aR8DbWVtjrzSE0rjGYuGdXsI8zy0eh4W-7gDVv0DudHc3XEeqZVA7q4yRRcY7oQIiMnRucBwjX59dfO9HUrIcaTBoRUZQU3Z4wO5DmAlzMNJ7oshoddnjlVtPZPBWnMOLSKAyHaZViQMGgLVPgRRk5X4bTwnEtXqTNFkSfc767y-MMRpoZaHZmIolEkF_c5WyjnBj_pjWSRwdm8QYll19AtQpJ0AdnPw6mGyrK9MTM3hnW7qHdHOeKBEoYEFiLCSoOrzGJtWhoei1Xwr8ct02pl7pTS14lVonOjUzjZ8i2L_bvDXSpQnjqDpPlsng99bmUlf7zl7ytP6uPKSvEV6hCsDM4kW9Fy4aLVP69HNDx_vv_IEE0DceXdm5feaOZAwnK9-3FTJCuwR9kgTrtCulwjT7Km9xch4TiEDEzF-B29f2JSto1spC0ZUGk03GU6cePUnAAOV0lEo6OWkYwy7s3oouAmYd9sSRHqCEno8-YwFl0SgHlThzVhJXwKp1gqZYgieVr952WiXsGOhp77HW2UtW2t2gSuPrOqv2m83WZNPeJbnYl3YGLknCQTZaMkpbTCYJz4JUZi5RbsWn4plFt9YZ86AwA3NkJoea8r31gOUiHlvIYKI5ESbrfM2NRyatyTdIkKZhHWfc1auSHkskSRY07YkSqaGrrk3NOoi7vgy-orYhJAdzcoJskdfSKWfpLzxRSD8JzXOF9-Ovl0Woz7t8T5jnMOur4hlQxnW-PZmx-ZNvyML-PmfhEowIXwu4M5BamxXD_-slOViACz2ihd7i6evIs8DdKNL8gwXocBq2r5BNI0BBJg4-wim9CHIQGEkpWbdOddY3B9T1ge0jrBvPQKPxv1W2ooWcC8ghJCa2Z4tGtYsrOj73f45x9hlz-60AbFqH_zGYc6PaC4yORjO&sai=AMfl-YSM3LDPN68XZ_HI9TpId614-yQHgNE0aZyvla_oUI4WjnHuEUj7jevBlX60GXfPGtqWZPCR_MnZHRUvwtjVf2Fh2Qtb8kaR7kmh--ZPvITL8K24zeaOh2cc-tJddu_itYoqhYodRvkT6_2tAGLo9gW8tJYyxEaueJ77Ji9L4wS2-4SR_Wo0yJQjDn7CrFwbjQTmGnARDQCtuwyiV3zQLh6YnqwIWwWW-8sD_tnZNRERIGUJqXLAHzDYNHHLFaCNPBJ8_89mVmqZ3jewtUl6ZfnqBKPIhDTjjQ-90Oe3BW_w21GtM3TJMeFoGZ_XkVj7tTolFvg7-N8Emz6SpLaY36CQQ2zNPzMUWBcTKRyx9Xfw-gTqn3KSfDlWoxfH_0LyIHtkV8OJ&sig=Cg0ArKJSzN9eqwQqnOxbEAE&urlfix=1&omid=0&rm=1&ctpt=326&cbvp=1&cstd=324&cisv=r20210211.66305&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Feb 2021 17:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 55D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b6808a0-6fb6-11eb-9490-197e22df1606

43 B
548 B

41ms
40ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b6808a0-6fb6-11eb-9490-197e22df1606
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b6808a0-6fb6-11eb-9490-197e22df1606
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 55D8
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2

170 B
190 B

25ms
22ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

204

match
googleads.g.doubleclick.net/xbbe/ Frame 55D8
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
https://googleads.g.doubleclick.net/xbbe/match?xid=E0

0
441 B

40ms
39ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/match?xid=E0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNX1EFe27ZIXX2tExNdS0V89WX_vy5JsJ0oukRfi2l9eglTOkjOiVZRhE-034nJZhCLb1QNE2eMKwi15M6q6UpWR5l1axg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
x-content-type-options: nosniff
server: cafe
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 15 Feb 2021 17:50:30 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://googleads.g.doubleclick.net/xbbe/match?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 49CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b440226-6fb6-11eb-9849-14e583301806

43 B
548 B

43ms
40ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b440226-6fb6-11eb-9849-14e583301806
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESELpVw0RMD7rLADR8qYA-BPc&google_cver=1&__user_check__=1&sync_id=4b440226-6fb6-11eb-9849-14e583301806
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 116
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 49CA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2

170 B
190 B

17ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGIzNzVhM2QtNmZiNi0xMWViLWFmNGMtMTQxNDg0MzMzOTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 92
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

204

match
googleads.g.doubleclick.net/xbbe/ Frame 49CA
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
https://googleads.g.doubleclick.net/xbbe/match?xid=E0

0
17 B

47ms
40ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/match?xid=E0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDai_6TAhiMgNycATAB&v=APEucNWe8lUXcpAX0eaQCqV72rtBTBW571II1UcJrmuqbNkU4AIudgvpGtdZUSzhz0BH_yHEvaLY6KV2CeH-eozvBwZzqjugrw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
x-content-type-options: nosniff
server: cafe
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 15 Feb 2021 17:50:30 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://googleads.g.doubleclick.net/xbbe/match?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK visit Show response
api.dable.io/logs/services/tinthethao.com.vn/users/85873990.1613411429638/ 54 B
285 B 275ms
275ms Script
text/javascript 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/tinthethao.com.vn/users/85873990.1613411429638/visit?url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ref=&lang=en-US&cid=85873990.1613411429638&z=506472&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK sendid
ace-sync.toast.com/ 43 B
650 B 1049ms
258ms Image
image/gif 115.88.123.125
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ace-sync.toast.com/sendid?sid=dable&uid=85873990.1613411429638
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.88.123.125 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type,Accept
Content-Length: 43
Expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H/1.1 200
OK match
analytics.ad.daum.net/ 0
571 B 1770ms
311ms Image
image/avif 203.133.167.207
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.ad.daum.net/match?d=111&uid=85873990.1613411429638
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 203.133.167.207 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: analytics /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: analytics
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/avif;charset=UTF-8
Content-Length: 0
X-Application-Context: analytics
Expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEG1oa9ForBYFgMMd5zm1EEQ&google_cver=1

35 B
195 B

844ms
272ms

Image
image/gif

15.164.190.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEG1oa9ForBYFgMMd5zm1EEQ&google_cver=1
Requested by: Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.164.190.193 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-164-190-193.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEG1oa9ForBYFgMMd5zm1EEQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D944 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 20FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEPPIUcPCUYudC2uNXMWUOug&_origin=1&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPPIUcPCUYudC2uNXMWUOug&_origin=1&google_cver=1&apid=UP4b33a9a5-6fb6-11eb-a202-062a41297586

0
976 B

93ms
93ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPPIUcPCUYudC2uNXMWUOug&_origin=1&google_cver=1&apid=UP4b33a9a5-6fb6-11eb-a202-062a41297586

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPPIUcPCUYudC2uNXMWUOug&_origin=1&google_cver=1&apid=UP4b33a9a5-6fb6-11eb-a202-062a41297586
date: Mon, 15 Feb 2021 17:50:30 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 20FA
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP4b33a9a5-6fb6-11eb-a202-062a41297586
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0YjMzYTlhNS02ZmI2LTExZWItYTIwMi0wNjJhNDEyOTc1ODY%3D

170 B
245 B

17ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0YjMzYTlhNS02ZmI2LTExZWItYTIwMi0wNjJhNDEyOTc1ODY%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0YjMzYTlhNS02ZmI2LTExZWItYTIwMi0wNjJhNDEyOTc1ODY%3D
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 20FA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xR1FhSGxOMWwyWXJkSU5saTV0bGpDbWJiWlhkVFg0dA%3D%3D

170 B
190 B

20ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xR1FhSGxOMWwyWXJkSU5saTV0bGpDbWJiWlhkVFg0dA%3D%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYn5PhOjAB&v=APEucNXHdkxyAuWTFXKcKBu0YgDhjyTd5b7Pga5vKeUOEMKKKtWQx9pgMGyp3fyfo71o1And6kTPb6DdGopBoRTUnDBKCRQBLg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xR1FhSGxOMWwyWXJkSU5saTV0bGpDbWJiWlhkVFg0dA%3D%3D
Connection: keep-alive
Content-Length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6B54 0
0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1962937288070972&r=300x250&w=300&h=250&a=0

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html Show response
0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F31B 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 15 Feb 2021 17:50:28 GMT
expires: Tue, 15 Feb 2022 17:50:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame 3D97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_sc&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAsPkHGG6zK62MHiRA7aGtQ&google_cver=1

43 B
721 B

89ms
33ms

Image
image/gif

104.84.57.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAsPkHGG6zK62MHiRA7aGtQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.84.57.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-57-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1613411430274027-151
Expires: Mon, 15 Feb 2021 17:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAsPkHGG6zK62MHiRA7aGtQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D97
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmMxM2Y3NTc2OGM0OTM3MGEzODg4NGZlMjdhMzIzOTM=&gdpr=0&gdpr_consent=

170 B
190 B

17ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmMxM2Y3NTc2OGM0OTM3MGEzODg4NGZlMjdhMzIzOTM=&gdpr=0&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmMxM2Y3NTc2OGM0OTM3MGEzODg4NGZlMjdhMzIzOTM=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1613411430150085-161
Expires: Mon, 15 Feb 2021 17:50:30 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3D97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1

43 B
693 B

121ms
39ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
cache-control: no-cache,no-store
x-smrt-reason: 5
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3D97
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMAR...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=ODk0MTQxMTIxMzU5NTM4MTQ0MQ==
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1

43 B
434 B

41ms
40ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNXdN9NXrXeI-563NJuY2O4PTMyfv2V5yo3NuFS2bhiP2yA2byC3t-VIQQHuO4npZjr1lG2nK0B5OKWxRqTbMcDBnK8Ocw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:29 GMT
cache-control: no-cache,no-store
x-smrt-reason: 5
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEBLmwGsLEjYHJPPIv7CWA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jaca9pdc7b7l Show response
hal9000.redintelligence.net/zone/ Frame 9112 11 KB
4 KB 119ms
38ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jaca9pdc7b7l?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 73a7d988d8d7d6b847db6070c318b5707be094ef3b8cc18f77e42e8d07dcf4ee

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3933
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F94D 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C326 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6834 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F87F 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EDDF 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fmcs5wnh4tfi Show response
hal9000.redintelligence.net/zone/ Frame 9951 11 KB
4 KB 112ms
36ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/fmcs5wnh4tfi?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 99b2730345cc7c5c789cd76db7de538620cd7d3fc633a906bf0dded9b2e91ee1

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3941
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK belwq516sv9v Show response
hal9000.redintelligence.net/zone/ Frame E871 11 KB
4 KB 107ms
35ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/belwq516sv9v?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq9XnZLQqYIGWGcWo7gOe75TACOS0qoNXs_nW3O8K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNoBT9Cx02LKG1K1vVMd5FVnDafA0Ry-n7ZAprfAJAivbAzZ_Tj9_14wqOw63kO-8-5TKXRa1tu5dtROm5XZ4D7knFzkyic2_mCLFQ9DLcSlNuzSlvwBgDoDpZph8YN3VUAEkwh9fI5rgn5YK62cYi9BFTlUkpB4FAozel5FkqAvGQge7XvFDt21qIVOAcaJr5x5kkg4PERKWTMCltSCjCzDJv4OLYi_4ye_AsZxm_T_-VrXvQjrUJptyJF0MI5BMmtAFWjOVfSLTvXhMCF9dncqM-43Oav07ePiJ0DABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA%26sig%3DAOD64_28ncL-z9stM-Kg_smFQ_Ng3uq_Fg%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-Dzvk_xmCWSLMFP66a0QAttW2z3vH2UpXchk7dDlmZm4Z2LHk64b23FSJ_EL5Skhavucl6i8tPNDUcpy8NyjL2WLKlOfDJ5rNZODbwgc0Kj5UGGAMMnna1lddTnbA9x0UIIBXAUUxdwniJYKjueLiRsxe679w%26cry%3D1%26dbm_d%3DAKAmf-CoLvzKI109IMlQCfF56g4hBBqKty03FzvOujcBrCFT83N1s0pR2U1dqzy5L0K2Q_mlGZbMutaxGauRIEsIAqrCcUOPKyF7h1q1H7ec0Jq8hh8l-xt1ieDMSbgkwkG8hIjnO1r_5Jiwni-RHhEMd4K3DtfJCbfLmYJ740IMmKKWkVzk9BMhBLxM8RIAWBJ64_TqH0gHDXDCnTTbYwyi71-JlsK0UaXHwbtvbkZTa0N811KVs-4QCLOQcvJJBFOwbGojiL9qRfg0RgSV5HauyOSwOfGjpU4RX1264bh1ucRblL858kLpmiJfix518e1lsG20yz3Wz4dZ-4PeRaZJCqs6wwV0G-vowpmMykKLac2FexMIHcbU9RaaN7ET5GI2HT1k7reb52sAISU4A4ASW_j9YecsKLogpRssBd6noAdGPJi9Po30rD5UxYu0Nt5-AvPRQiRw%26adurl%3D
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 2920caa8d3d8f2ce29655d5f27a64e08d2479f1dc2edce9ebad60f6563274c17

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3936
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jaca9pdc7b7l Show response
hal9000.redintelligence.net/zone/ Frame 9D1C 11 KB
4 KB 119ms
41ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jaca9pdc7b7l?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdcmDZLQqYIKWGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNkBT9C2Ym2ctjBZuJP1rGW_JonFLNpeBmv17KVBuFAK8mt3ZNOj3lrAGLZx9ADZc4GjcfHsOfobMxhg74_FeAf73RFv4WoTahEjNi7AGBbTeGNJM0UNOyESi0w6Bbd_WPd_t8HafNCVBz4i5idEZZmaM1EoNFIjWce942PCGkkpvWebxwRzso1wKq5BY4Y7qrVY9su0HSSl9gQn9IIIDkL9gJp4N-d4V7BNGUcheVRadPz8o7pDA1RF0avd91Afel65UCM1JQ-FYglNZ99cJxq5znuS8XZl8jO9lsAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg%26sig%3DAOD64_0A5ELTw-fjhN4MwqE4g7PFgrcAcQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-BjGu0EAqPtXJrAYeqDxLuJ78Hx4DHoomOYBhsTyJDqPuL3aHXXL9qIBTjbt0_-F3iDqv2fBUOwpC6E3QWBIG7GsKvB2TE9Ngsd3hXEhIaPjsAdtMNJbfCl2FJGRp6yPvcp3KUzmkMeNIsTdohYM4iM9uMM1Q%26cry%3D1%26dbm_d%3DAKAmf-BI6kLxI9DeRX8U8u_80DDk6Uwatg-EaqkxPuRVk7q8_HprRAWExT3LPHX_UymhhJYsYEIg-wwspMcbpQFPPucQfQsu4p7bkRGKl9Pmg18SmUWM80zTolbuq-sKT6FRLUftNcNUDZsacMjWcrTHs5jxU6PooM-d_QVcTjV7sYtfZlzr6rPoX-EPueGYG6qgUoFHUGZIQdj0fRLHk7ygfc_F2Hr6iw6R67yUha5kMcetdIgbjhbBGZMcQvDF9OQLyPXgim4EkPjclsp2ySpRjuwX4ujhoHBFc0pTlADy60uJM8euECU__HD8_4wRLnC9UFNKok2hjKoRPzXeibiWHW0yyJ2C_wcqBs8XPf1aNOkd84ArKRhqYm7U9oWJkpuAjwg9kzwI0l56PszF9W42-h7S6iM15F-X9KH5JJ2SyA-nsRGaNW7_AKCTyGeV3S-FuIBVFAz7%26adurl%3D
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 40a1c1bf206e4bccaf0a756f002309d29751f2cdcb893781cae05411b19921df

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3935
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 logo.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9b51e1b7d099699c240f12c7ab9fc69bf1b755c5386ca73801cc58f56d4622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3475
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 back1.jpg
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 38 KB
38 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068fbcfe2424b219e521f07a2badd86cbc82a3739fb5cb0aff8b8b592aecb9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38746
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 txt1.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 2 KB
2 KB 14ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4a95f76c4cbef88776b1abc7e81c8349783352ea6caea5b135c4f6e2e1cd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2494
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 txt2.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 3 KB
3 KB 14ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1b660df3a508a2b3e0c8f56d5a50616f630131b7f78e1543c778c2803f23ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2894
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 txt6.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 3 KB
3 KB 17ms
10ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3da01cbc539c1c140f2acd55c1ecd78af718a99a0707737e05a86e8a6d6df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2603
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 txt6a.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 2 KB
2 KB 16ms
9ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt6a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08a70f1d016b7b6ff862da250b1900e641dc5e62622d80e7bafb42d09daffda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2066
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 back2.jpg
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 204 KB
204 KB 19ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c470145ec5a0e138c286bde1be6224cb9f3ae02184ea93106db792a4ba72c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209047
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 txt7.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 5 KB
5 KB 13ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e3de2df57e1d59629a74b8ccf64dc347f4c42fd2f33e372d8155c14722126a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4740
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 txt11.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 3 KB
3 KB 19ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt11.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4449213aa4e94ffdf10cd408b6735c07b06ec92c849f9a96fd3506415b53d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:39 GMT
x-content-type-options: nosniff
age: 537831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2567
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:39 GMT

GET
H3-Q050 200 camera.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 75 KB
75 KB 17ms
11ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/camera.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8a93c18d175d09885c18794275b731477ff229c66eb3d194d65d0a180d85452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:40 GMT
x-content-type-options: nosniff
age: 537830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77273
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:40 GMT

GET
H3-Q050 200 txt12.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 2 KB
2 KB 17ms
12ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt12.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e138cdcf488c06f326b112a2f26561cf4c27db346cb7f22d850404f9db4c42a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:40 GMT
x-content-type-options: nosniff
age: 537830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2184
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:40 GMT

GET
H3-Q050 200 txt13.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 2 KB
2 KB 15ms
10ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt13.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258810c69182ea4e728e3d2852dab24685356af647207aa6a4f85ec8f1460519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:40 GMT
x-content-type-options: nosniff
age: 537830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1955
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:40 GMT

GET
H3-Q050 200 txt14.png
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/ Frame D32B 2 KB
2 KB 14ms
9ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/img/txt14.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6a17b03adfaa055742a4ca247f1ad1f376d32cbee4a765ac2172a36df020a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 12:26:40 GMT
x-content-type-options: nosniff
age: 537830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2088
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:26:40 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame D32B 60 KB
22 KB 24ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 409893
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21845
cf-request-id: 084869c7a50000c2bd7320c000000001
timing-allow-origin: *
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f46ecc0-eeae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FTGkWxbLzTrR7%2FhtfyDx7pwvtEUbymYjhT44bC0N0tJqAwYc1FQ%2F%2FB2WFSxRC7Ke%2B08MhxjT5wcZU47d6sJsuZ3jMfbcpEOTmRD1ZtknXgKRwMdpb4vewRjZZVlOjS6%2BWA%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6220df1f6b1dc2bd-FRA
expires: Sat, 05 Feb 2022 17:50:30 GMT

GET
H3-Q050 200 main.js Show response
s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/ Frame D32B 2 KB
597 B 13ms
6ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a128c37d9e1e847091746e7198c3cad056054b2d98b2e0b136648c435ff6d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17930633180081382628/LEICA_300x600_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 502
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 09:06:52 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 10:18:02 GMT

GET
H3-Q050 200 logo.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c739473a419182f3606c27434dd7a1321fda96760ca01fedbbdc9e406a98026f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1862
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 back1.jpg
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 24 KB
24 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e0d85900e2086c4202c09fad005daa5b0b66cafa9e139b59053ed6099376cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24628
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt1.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 2 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56141609b7b2353e822e3cad4f3a6cbf9597ee0a99d5c430c8bed9f61ae429e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2403
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt6.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 3 KB
3 KB 16ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbc8a3e6e0f25a9daf0bf0c545350fae5c2053f86c9806f2ff09adad2a182b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3404
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt6a.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 1 KB
1 KB 19ms
16ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt6a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32156bf045f055c2b8d2138ce191eab9324c9a22c32e3527be9a9366f9372969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 back2.jpg
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 100 KB
100 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

612a4f0a8dd30506cca8fab43b4ad35e850466927cb1b16920e431e4ed776e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102501
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt7.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 3 KB
3 KB 18ms
16ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df22a55559f73af73a6fa0467742ca5ff3eb2d6908e41cdd392fcf71e64fec46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2566
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt11.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 3 KB
3 KB 15ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt11.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ee94fc84c80d403d1c776a988a756656ba2611aea9c3fa76bdb57cf73093d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3417
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 camera.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 39 KB
39 KB 14ms
12ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/camera.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e01d86ef97a0e65a76d2df92761e53114fcb63bb3eede1edad17e4aaf57d527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40179
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt12.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt12.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e280b91a7adc6e3a5c309c2915f1c18c4e1c90a1b3c65e9ab09081e7d981100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1769
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt13.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 1 KB
1 KB 13ms
11ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt13.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab92b195b6757e822847810f0c2c7299854b5a90cc683bc334d797c398397657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1452
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 txt14.png
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/ Frame 0A33 1 KB
1 KB 19ms
18ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/img/txt14.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa0e17a0c4971d79add9cf1d7fd45bd753de391853a1cb4ce4d89e810feb14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame 0A33 60 KB
22 KB 23ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 409893
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21845
cf-request-id: 084869c7c70000c2bd3f0e5000000001
timing-allow-origin: *
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f46ecc0-eeae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z7vU0evHSFGaur4f7USAmO78Te%2FByekNxZ75%2BmuFlp4PW0zZ6cqgnMR1jlXPgtKVAQTQOfjVsYT70DPN1l3uOBVxnIj7mn1qYoTO22viJEOdC3UyY3iHiMqiqcoxdPDXVw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6220df1fab78c2bd-FRA
expires: Sat, 05 Feb 2022 17:50:30 GMT

GET
H3-Q050 200 main.js Show response
s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/ Frame 0A33 2 KB
514 B 9ms
7ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a23e303f7c6c67b3bd6f1093da365537f0d74126f997f2820e320599c8329b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13263134453736607750/LEICA_300x250_SARAH/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 14:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 482
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 10:17:44 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 14:06:31 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3BBC 0
20 B 30ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEOSudBj2xfyWATAB&v=APEucNUafwMRva5pKEMF4NFArGtxOHFekB_AuHqmgdyNouAm96AoJf5kkkHlx0kBaYs5a0jIVbVJu8Gxj32ajRyW6xl0fqEmKQ

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIYBEOSudBj2xfyWATAB&v=APEucNUafwMRva5pKEMF4NFArGtxOHFekB_AuHqmgdyNouAm96AoJf5kkkHlx0kBaYs5a0jIVbVJu8Gxj32ajRyW6xl0fqEmKQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Feb 2021 17:50:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F31B 53 KB
21 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuZebQkA6Z74iv8hNvFZJoT2fb4O2GnJybO6HEJcoMaB6mWVCDHh60B6r3IZnHM2BnvxU0H-BPUAWjMw0Xr3mzQ0Euazmiqso7z18W3RXTNOiut6kzLEo60sYmpHsZA093SGhU83M1KenKHu8X7QPLD7fXOQ&dbm_d=AKAmf-CQkBlLp7eKcvJPb1oR6NlO6r-msTE7Rm9HNAKdwtSFSG5lLzdVxNQwhYS3FYOplfB_Npa3Zip1JX6JKi-CCze75b8HODcyEOaIOoMoAQ2J60nx2otaeiYP-cZl6qo6ZQlqlAebOq0QrZjDVbe7H47BroGoJKCQo2dxht5-nvPfwtpX4t58UQykf3g88taPoNanSHMCg-VDIqlpoX6bAm2S_NuYmjXYLVnK1DhT-5NG8kZear7Wb_OgAwp9TflRwI5orSg_Ugy8gCAxaSxVcVy_cYrlxYOwjR1_nS5lRWfR6DbRndJPgCROc2UezxFso3pxb4jF2SU6rtMsnweQJvEtBTbT3yOO1ZJ4MR6SQ_wm8svfmvnAISjOxmS0D8YI7pYk6rZOqSeDXn_LqrIr2Wr-yprx4QrX-ZIudMbSzCrVFxeAgJ8nsDSFjZ95gCr1cSce4b7oiPszr2vcvB0AjPL7FUqLW0PEHgcL84xvIje2Y_4oKVPXrZNmRR_ijidHy_487zJCRfIWxW7CmjjSYxIpyMMS4T8JRDaoGg8nl7oiEIHeL1PaHakiGADqONDF0FPY8UrMRtiI6aRvhTjx48OkSgjGGuUvhQeKaRtpW1gZfswT4wYBDoxq0KYaD9ITRulRiC7GM6l0duo8rANNeglVOpoOA6DaFrDsTl52iaQx7Uez5-ZEnrdfGiQ5SyAvQ2Pra5I0vPuEH2osobVqJPvziZRGT-P28fpN7AWlLHDrlyejqY_xNKhMf7YXtnpEPOLRbk9BrY_CV1NdTkS9vjym3K913uNk3PXqgnMceefcYHQ5Sj8ry1Pw_hJxN2JJ-CIZerGiRcxdqyKteivfTslwjm59Ra5zN2KEqjkcdLDXd1B_0rUDb-XW96ov2FzLSKy8XtT5BNA0nkXFv8pa97a_-uWzegi6G5wsAYdeQPl6WTNFlOjpgFZsWCRDWsuFivpoFGnzBdBnuJ64-klD6uTrMjt4dM3G9kMEO5lMVWOl-yX2EIzltA5JfgV0gbNWzVpIwPuwWPcUmNV4I1_LLEr8PO9gYCouEz-pZ6BP_aI0SDNqDB5FDFWp1VYuX-cQt9niGSyoWfxFQpMI13xiJA7JLgGSaanmp_AW0eeALE2qr5-fcL9JO3CAgcuwW8LqR9qXYt2z1Nt2LD0A1ahnIzA-7UXIR5DArqgOnVwrC5Y48LjUZl8ZQR1vCDZcnXgoRSnp1NgvSXTushgDzqZP6e38NNr1oguCFveeFKoO8APfFMj_lf7_lL3Ad5nw8UAJDArWj1dryV1jhj5CWYFPoUMtg9G1Ne5jtZsKE_iXyy3py-g5yZ6txKkA2TEn3aBRwA60R8FVOVYjQ5oqW3PX4IPksqhsRM1kw2WQ69mmZ5JxxTDGsw_ThcpOB7YEyHz9rCwC4NHgNzAiaEN8zKUoAJ0rLeig2qaOh7646J1ufkX7AbolL28WIKL5lVYCMswR-d6t4yIzwwMghOGwQ2tGom9tGOIDmY9hGO-w9QJkWzcscV8BvPPDNtbvFKi3Wui9m00pVwHKp8xYHYXQorzPjqwmb6MF-09eeAGpZ_pTYow50QWZU2sIbU4ADpr3bl_qJltWRPQo9EwTMAXiGdPpbUXKrXXLy99C1iP5oR_AaNiTivjtSQTBwwqM2ZKesEKNv769D3kmIXWKNKvd0foR2MGz0-W5BituKObEGvrlOzZCD8z2OcsXXfNdmWjI2sOG23xu07sEbl5vAxhzv4ZpPbIV-iYRjreBDUpIVHY31NCc80ogfHZOHqtxVk0gtA-eNgjv70-_YPfb7L3LPPKhWuQQQheudORczeZZGFeJAdlbnVgZtF7vAPos-ksoy6bQnMA86sVXQe8OfUeIga4cOjtUIBiAO7_VGij0V7MEZuS1T7wd36asbVf_K5b8Vq6g9XSrlqkHkRdP0A0Bd0YYCbDB_5B2JHi2ShghlhfsG6LAR6TsPaxQHtsknxu0kgLrafxDbB_kReEh2eDR9qaZtuvd7CTNuNlNmq7LBXAHbMeS04ZAZtWtvpXqm3n66SrOTh5x6gylFaZGABCPNHarkMQF5BR8ACZvFHZgH8rl0ZdQNcjDYR6gAYNF2EB0SgDiY52aoM2A4f4zQc1luXQO7n2AUhDtRcRPtdKHVjKVbMUuTfGEFoPn9UP30pGyXWTP1Pddza0v9gI2qnoxS-48YoyXjsflryd26e4DMCkOGBZIDLHD-7q4yMy0Hi0Buc5Yj3uoj9md1tIr4EVfJtxaBU0deM4QHfcP-inyT577cvP12BDVobLunz7woTE1oA3uxf2w5BgjBC_zpv0vYxvPs2cx7rFBlB-aT48wgBrmHs2i-JomiA36kW8bjCWqX8ZJSftDhkYNxafp4BZydzAOSiR9TrKQpq0nmlhc6xltrHK1whOBbOT84_-OKZN_kXCyZnRoESUMvMk5bi-tx28jbfXltliCzpxEL1wRe8tUGev6ErNvBtveoobU5A82AWgr-L4dmOW8PcCMY1MeLMANfmdt2Ykxl5oz-wdeY_fh8DS7Q9tH7b7gGG4LbFl9TtZX13esaF_e3T07Dyd-8B0TIswRZSYepjdz54gxzy4ESqxooLFBN_x1PKPiORZ8C9rZircgy2KoKEPiqUi8rDGgFmSSIdt0uHL2HEcp1kH7458meB-cGNNO4l93saCj3A8LiHg_rOath1cWyJK7SfT9BApB_897k0rTQJg6SCA6FJo7feQKuGWIpBqLQ0ZNriAV5tVUUXhFLQ3jSisGDK8ArTlhz5uqzpPo7zls8OryGtN-B1pVtzYHnSG5MSxtZf0C1rfkMCQAlR6cNVXXLSGLKah-kbNvfbzPeFsyTQRuIo1sCGK9hDf-KJRaNYBFmbQPDQqbsvCwomnsZlkCErttE-5XR-oycpLkpVOmB5Tltfqww579ilrfYQqH_3PlM_oHQ5uWZUOGQM0vsK1vaAAWSUGYEdCilonsLeue75LA4jdwNvUP6XVm8ed0FjgzrfgSUOrZEMe0&cid=CAASEuRowXSDJ-__ckl2xxBQ2MozUQ

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15193fcc70cd8bfa55fc79d6ea1c07808abf922087ba4476a896ba32a8b86135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 21749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F31B 42 B
68 B 42ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjlaYhYXqKhECPAzt5nci8LPrxbFHZnA4vaSjXiGv33QXiXhUm5czDNrE4bOijLqqyjFhr0mULsvDX3_Burh4OWS51QzG9aQp3EWKMKJyJM9a4p2g

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame F31B 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:07:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F31B 107 KB
33 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:30 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame F31B 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:10:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F31B 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7REFUnJXe2pDwiqB7ft0HFV2aLsW5nMsMiprS6CYHjzC5Q-GXk5WyHsMkoRANvgq8lrcmk28axkJriaNwzocbwNb2tA
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 9112
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

183ms
110ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=3765720953986&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 0971c3544369155f8d026b17c6c27f713859148d03ed9f347ea21252c03f4e39

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 31603600207147300710152011506012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 821
Expires: Mon, 15 Feb 2021 17:50:30 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=3765720953986&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 15 Feb 2021 17:50:30 +0100

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame 9951
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

186ms
116ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=8847694358455&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: dc7b46770a1cd45ae7462ebdeb45c5fa369a0e0b43e703d6b11f62da4ffe9304

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 71761100242143300710156011506017
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 817
Expires: Mon, 15 Feb 2021 17:50:30 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=8847694358455&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 15 Feb 2021 17:50:30 +0100

GET
H/1.1 200
OK request.php Show response
hal900028.redintelligence.net/ Frame E871 2 KB
1 KB 178ms
93ms Script
application/x-javascript 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=belwq516sv9v&nw=20&renderingType=javascript&namespace=12e8a4888d&subid=&uid=bae0fbb284408b2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq9XnZLQqYIGWGcWo7gOe75TACOS0qoNXs_nW3O8K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNoBT9Cx02LKG1K1vVMd5FVnDafA0Ry-n7ZAprfAJAivbAzZ_Tj9_14wqOw63kO-8-5TKXRa1tu5dtROm5XZ4D7knFzkyic2_mCLFQ9DLcSlNuzSlvwBgDoDpZph8YN3VUAEkwh9fI5rgn5YK62cYi9BFTlUkpB4FAozel5FkqAvGQge7XvFDt21qIVOAcaJr5x5kkg4PERKWTMCltSCjCzDJv4OLYi_4ye_AsZxm_T_-VrXvQjrUJptyJF0MI5BMmtAFWjOVfSLTvXhMCF9dncqM-43Oav07ePiJ0DABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA%26sig%3DAOD64_28ncL-z9stM-Kg_smFQ_Ng3uq_Fg%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-Dzvk_xmCWSLMFP66a0QAttW2z3vH2UpXchk7dDlmZm4Z2LHk64b23FSJ_EL5Skhavucl6i8tPNDUcpy8NyjL2WLKlOfDJ5rNZODbwgc0Kj5UGGAMMnna1lddTnbA9x0UIIBXAUUxdwniJYKjueLiRsxe679w%26cry%3D1%26dbm_d%3DAKAmf-CoLvzKI109IMlQCfF56g4hBBqKty03FzvOujcBrCFT83N1s0pR2U1dqzy5L0K2Q_mlGZbMutaxGauRIEsIAqrCcUOPKyF7h1q1H7ec0Jq8hh8l-xt1ieDMSbgkwkG8hIjnO1r_5Jiwni-RHhEMd4K3DtfJCbfLmYJ740IMmKKWkVzk9BMhBLxM8RIAWBJ64_TqH0gHDXDCnTTbYwyi71-JlsK0UaXHwbtvbkZTa0N811KVs-4QCLOQcvJJBFOwbGojiL9qRfg0RgSV5HauyOSwOfGjpU4RX1264bh1ucRblL858kLpmiJfix518e1lsG20yz3Wz4dZ-4PeRaZJCqs6wwV0G-vowpmMykKLac2FexMIHcbU9RaaN7ET5GI2HT1k7reb52sAISU4A4ASW_j9YecsKLogpRssBd6noAdGPJi9Po30rD5UxYu0Nt5-AvPRQiRw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=9424894416349&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/belwq516sv9v?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq9XnZLQqYIGWGcWo7gOe75TACOS0qoNXs_nW3O8K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNoBT9Cx02LKG1K1vVMd5FVnDafA0Ry-n7ZAprfAJAivbAzZ_Tj9_14wqOw63kO-8-5TKXRa1tu5dtROm5XZ4D7knFzkyic2_mCLFQ9DLcSlNuzSlvwBgDoDpZph8YN3VUAEkwh9fI5rgn5YK62cYi9BFTlUkpB4FAozel5FkqAvGQge7XvFDt21qIVOAcaJr5x5kkg4PERKWTMCltSCjCzDJv4OLYi_4ye_AsZxm_T_-VrXvQjrUJptyJF0MI5BMmtAFWjOVfSLTvXhMCF9dncqM-43Oav07ePiJ0DABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA%26sig%3DAOD64_28ncL-z9stM-Kg_smFQ_Ng3uq_Fg%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-Dzvk_xmCWSLMFP66a0QAttW2z3vH2UpXchk7dDlmZm4Z2LHk64b23FSJ_EL5Skhavucl6i8tPNDUcpy8NyjL2WLKlOfDJ5rNZODbwgc0Kj5UGGAMMnna1lddTnbA9x0UIIBXAUUxdwniJYKjueLiRsxe679w%26cry%3D1%26dbm_d%3DAKAmf-CoLvzKI109IMlQCfF56g4hBBqKty03FzvOujcBrCFT83N1s0pR2U1dqzy5L0K2Q_mlGZbMutaxGauRIEsIAqrCcUOPKyF7h1q1H7ec0Jq8hh8l-xt1ieDMSbgkwkG8hIjnO1r_5Jiwni-RHhEMd4K3DtfJCbfLmYJ740IMmKKWkVzk9BMhBLxM8RIAWBJ64_TqH0gHDXDCnTTbYwyi71-JlsK0UaXHwbtvbkZTa0N811KVs-4QCLOQcvJJBFOwbGojiL9qRfg0RgSV5HauyOSwOfGjpU4RX1264bh1ucRblL858kLpmiJfix518e1lsG20yz3Wz4dZ-4PeRaZJCqs6wwV0G-vowpmMykKLac2FexMIHcbU9RaaN7ET5GI2HT1k7reb52sAISU4A4ASW_j9YecsKLogpRssBd6noAdGPJi9Po30rD5UxYu0Nt5-AvPRQiRw%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: f790a3ed7beb9510e977cc8a31b0c1264fd10694033498ef6a86f2effd13f262

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 86781900196382800710164011506028
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 828
Expires: Mon, 15 Feb 2021 17:50:30 +0100

GET
H/1.1 200
OK request.php Show response
hal90001.redintelligence.net/ Frame 9D1C 2 KB
1 KB 184ms
98ms Script
application/x-javascript 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=86e51a8e53&subid=&uid=0829872d8b8b479a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdcmDZLQqYIKWGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNkBT9C2Ym2ctjBZuJP1rGW_JonFLNpeBmv17KVBuFAK8mt3ZNOj3lrAGLZx9ADZc4GjcfHsOfobMxhg74_FeAf73RFv4WoTahEjNi7AGBbTeGNJM0UNOyESi0w6Bbd_WPd_t8HafNCVBz4i5idEZZmaM1EoNFIjWce942PCGkkpvWebxwRzso1wKq5BY4Y7qrVY9su0HSSl9gQn9IIIDkL9gJp4N-d4V7BNGUcheVRadPz8o7pDA1RF0avd91Afel65UCM1JQ-FYglNZ99cJxq5znuS8XZl8jO9lsAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg%26sig%3DAOD64_0A5ELTw-fjhN4MwqE4g7PFgrcAcQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-BjGu0EAqPtXJrAYeqDxLuJ78Hx4DHoomOYBhsTyJDqPuL3aHXXL9qIBTjbt0_-F3iDqv2fBUOwpC6E3QWBIG7GsKvB2TE9Ngsd3hXEhIaPjsAdtMNJbfCl2FJGRp6yPvcp3KUzmkMeNIsTdohYM4iM9uMM1Q%26cry%3D1%26dbm_d%3DAKAmf-BI6kLxI9DeRX8U8u_80DDk6Uwatg-EaqkxPuRVk7q8_HprRAWExT3LPHX_UymhhJYsYEIg-wwspMcbpQFPPucQfQsu4p7bkRGKl9Pmg18SmUWM80zTolbuq-sKT6FRLUftNcNUDZsacMjWcrTHs5jxU6PooM-d_QVcTjV7sYtfZlzr6rPoX-EPueGYG6qgUoFHUGZIQdj0fRLHk7ygfc_F2Hr6iw6R67yUha5kMcetdIgbjhbBGZMcQvDF9OQLyPXgim4EkPjclsp2ySpRjuwX4ujhoHBFc0pTlADy60uJM8euECU__HD8_4wRLnC9UFNKok2hjKoRPzXeibiWHW0yyJ2C_wcqBs8XPf1aNOkd84ArKRhqYm7U9oWJkpuAjwg9kzwI0l56PszF9W42-h7S6iM15F-X9KH5JJ2SyA-nsRGaNW7_AKCTyGeV3S-FuIBVFAz7%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=6691975141503&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/jaca9pdc7b7l?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdcmDZLQqYIKWGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNkBT9C2Ym2ctjBZuJP1rGW_JonFLNpeBmv17KVBuFAK8mt3ZNOj3lrAGLZx9ADZc4GjcfHsOfobMxhg74_FeAf73RFv4WoTahEjNi7AGBbTeGNJM0UNOyESi0w6Bbd_WPd_t8HafNCVBz4i5idEZZmaM1EoNFIjWce942PCGkkpvWebxwRzso1wKq5BY4Y7qrVY9su0HSSl9gQn9IIIDkL9gJp4N-d4V7BNGUcheVRadPz8o7pDA1RF0avd91Afel65UCM1JQ-FYglNZ99cJxq5znuS8XZl8jO9lsAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg%26sig%3DAOD64_0A5ELTw-fjhN4MwqE4g7PFgrcAcQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-BjGu0EAqPtXJrAYeqDxLuJ78Hx4DHoomOYBhsTyJDqPuL3aHXXL9qIBTjbt0_-F3iDqv2fBUOwpC6E3QWBIG7GsKvB2TE9Ngsd3hXEhIaPjsAdtMNJbfCl2FJGRp6yPvcp3KUzmkMeNIsTdohYM4iM9uMM1Q%26cry%3D1%26dbm_d%3DAKAmf-BI6kLxI9DeRX8U8u_80DDk6Uwatg-EaqkxPuRVk7q8_HprRAWExT3LPHX_UymhhJYsYEIg-wwspMcbpQFPPucQfQsu4p7bkRGKl9Pmg18SmUWM80zTolbuq-sKT6FRLUftNcNUDZsacMjWcrTHs5jxU6PooM-d_QVcTjV7sYtfZlzr6rPoX-EPueGYG6qgUoFHUGZIQdj0fRLHk7ygfc_F2Hr6iw6R67yUha5kMcetdIgbjhbBGZMcQvDF9OQLyPXgim4EkPjclsp2ySpRjuwX4ujhoHBFc0pTlADy60uJM8euECU__HD8_4wRLnC9UFNKok2hjKoRPzXeibiWHW0yyJ2C_wcqBs8XPf1aNOkd84ArKRhqYm7U9oWJkpuAjwg9kzwI0l56PszF9W42-h7S6iM15F-X9KH5JJ2SyA-nsRGaNW7_AKCTyGeV3S-FuIBVFAz7%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 6b5db5894ad5c5e22b11348886a247e25ee072c7e08df8449b4564b48d5d6fe7

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 15486100244936000710152011506001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 825
Expires: Mon, 15 Feb 2021 17:50:30 +0100

GET
H3-Q050 200 YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response
pagead2.googlesyndication.com/bg/ Frame D944 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 367766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6263
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:41:04 GMT

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame F31B 111 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 08:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33134
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Feb 2021 08:38:16 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame F31B 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuZebQkA6Z74iv8hNvFZJoT2fb4O2GnJybO6HEJcoMaB6mWVCDHh60B6r3IZnHM2BnvxU0H-BPUAWjMw0Xr3mzQ0Euazmiqso7z18W3RXTNOiut6kzLEo60sYmpHsZA093SGhU83M1KenKHu8X7QPLD7fXOQ&dbm_d=AKAmf-CQkBlLp7eKcvJPb1oR6NlO6r-msTE7Rm9HNAKdwtSFSG5lLzdVxNQwhYS3FYOplfB_Npa3Zip1JX6JKi-CCze75b8HODcyEOaIOoMoAQ2J60nx2otaeiYP-cZl6qo6ZQlqlAebOq0QrZjDVbe7H47BroGoJKCQo2dxht5-nvPfwtpX4t58UQykf3g88taPoNanSHMCg-VDIqlpoX6bAm2S_NuYmjXYLVnK1DhT-5NG8kZear7Wb_OgAwp9TflRwI5orSg_Ugy8gCAxaSxVcVy_cYrlxYOwjR1_nS5lRWfR6DbRndJPgCROc2UezxFso3pxb4jF2SU6rtMsnweQJvEtBTbT3yOO1ZJ4MR6SQ_wm8svfmvnAISjOxmS0D8YI7pYk6rZOqSeDXn_LqrIr2Wr-yprx4QrX-ZIudMbSzCrVFxeAgJ8nsDSFjZ95gCr1cSce4b7oiPszr2vcvB0AjPL7FUqLW0PEHgcL84xvIje2Y_4oKVPXrZNmRR_ijidHy_487zJCRfIWxW7CmjjSYxIpyMMS4T8JRDaoGg8nl7oiEIHeL1PaHakiGADqONDF0FPY8UrMRtiI6aRvhTjx48OkSgjGGuUvhQeKaRtpW1gZfswT4wYBDoxq0KYaD9ITRulRiC7GM6l0duo8rANNeglVOpoOA6DaFrDsTl52iaQx7Uez5-ZEnrdfGiQ5SyAvQ2Pra5I0vPuEH2osobVqJPvziZRGT-P28fpN7AWlLHDrlyejqY_xNKhMf7YXtnpEPOLRbk9BrY_CV1NdTkS9vjym3K913uNk3PXqgnMceefcYHQ5Sj8ry1Pw_hJxN2JJ-CIZerGiRcxdqyKteivfTslwjm59Ra5zN2KEqjkcdLDXd1B_0rUDb-XW96ov2FzLSKy8XtT5BNA0nkXFv8pa97a_-uWzegi6G5wsAYdeQPl6WTNFlOjpgFZsWCRDWsuFivpoFGnzBdBnuJ64-klD6uTrMjt4dM3G9kMEO5lMVWOl-yX2EIzltA5JfgV0gbNWzVpIwPuwWPcUmNV4I1_LLEr8PO9gYCouEz-pZ6BP_aI0SDNqDB5FDFWp1VYuX-cQt9niGSyoWfxFQpMI13xiJA7JLgGSaanmp_AW0eeALE2qr5-fcL9JO3CAgcuwW8LqR9qXYt2z1Nt2LD0A1ahnIzA-7UXIR5DArqgOnVwrC5Y48LjUZl8ZQR1vCDZcnXgoRSnp1NgvSXTushgDzqZP6e38NNr1oguCFveeFKoO8APfFMj_lf7_lL3Ad5nw8UAJDArWj1dryV1jhj5CWYFPoUMtg9G1Ne5jtZsKE_iXyy3py-g5yZ6txKkA2TEn3aBRwA60R8FVOVYjQ5oqW3PX4IPksqhsRM1kw2WQ69mmZ5JxxTDGsw_ThcpOB7YEyHz9rCwC4NHgNzAiaEN8zKUoAJ0rLeig2qaOh7646J1ufkX7AbolL28WIKL5lVYCMswR-d6t4yIzwwMghOGwQ2tGom9tGOIDmY9hGO-w9QJkWzcscV8BvPPDNtbvFKi3Wui9m00pVwHKp8xYHYXQorzPjqwmb6MF-09eeAGpZ_pTYow50QWZU2sIbU4ADpr3bl_qJltWRPQo9EwTMAXiGdPpbUXKrXXLy99C1iP5oR_AaNiTivjtSQTBwwqM2ZKesEKNv769D3kmIXWKNKvd0foR2MGz0-W5BituKObEGvrlOzZCD8z2OcsXXfNdmWjI2sOG23xu07sEbl5vAxhzv4ZpPbIV-iYRjreBDUpIVHY31NCc80ogfHZOHqtxVk0gtA-eNgjv70-_YPfb7L3LPPKhWuQQQheudORczeZZGFeJAdlbnVgZtF7vAPos-ksoy6bQnMA86sVXQe8OfUeIga4cOjtUIBiAO7_VGij0V7MEZuS1T7wd36asbVf_K5b8Vq6g9XSrlqkHkRdP0A0Bd0YYCbDB_5B2JHi2ShghlhfsG6LAR6TsPaxQHtsknxu0kgLrafxDbB_kReEh2eDR9qaZtuvd7CTNuNlNmq7LBXAHbMeS04ZAZtWtvpXqm3n66SrOTh5x6gylFaZGABCPNHarkMQF5BR8ACZvFHZgH8rl0ZdQNcjDYR6gAYNF2EB0SgDiY52aoM2A4f4zQc1luXQO7n2AUhDtRcRPtdKHVjKVbMUuTfGEFoPn9UP30pGyXWTP1Pddza0v9gI2qnoxS-48YoyXjsflryd26e4DMCkOGBZIDLHD-7q4yMy0Hi0Buc5Yj3uoj9md1tIr4EVfJtxaBU0deM4QHfcP-inyT577cvP12BDVobLunz7woTE1oA3uxf2w5BgjBC_zpv0vYxvPs2cx7rFBlB-aT48wgBrmHs2i-JomiA36kW8bjCWqX8ZJSftDhkYNxafp4BZydzAOSiR9TrKQpq0nmlhc6xltrHK1whOBbOT84_-OKZN_kXCyZnRoESUMvMk5bi-tx28jbfXltliCzpxEL1wRe8tUGev6ErNvBtveoobU5A82AWgr-L4dmOW8PcCMY1MeLMANfmdt2Ykxl5oz-wdeY_fh8DS7Q9tH7b7gGG4LbFl9TtZX13esaF_e3T07Dyd-8B0TIswRZSYepjdz54gxzy4ESqxooLFBN_x1PKPiORZ8C9rZircgy2KoKEPiqUi8rDGgFmSSIdt0uHL2HEcp1kH7458meB-cGNNO4l93saCj3A8LiHg_rOath1cWyJK7SfT9BApB_897k0rTQJg6SCA6FJo7feQKuGWIpBqLQ0ZNriAV5tVUUXhFLQ3jSisGDK8ArTlhz5uqzpPo7zls8OryGtN-B1pVtzYHnSG5MSxtZf0C1rfkMCQAlR6cNVXXLSGLKah-kbNvfbzPeFsyTQRuIo1sCGK9hDf-KJRaNYBFmbQPDQqbsvCwomnsZlkCErttE-5XR-oycpLkpVOmB5Tltfqww579ilrfYQqH_3PlM_oHQ5uWZUOGQM0vsK1vaAAWSUGYEdCilonsLeue75LA4jdwNvUP6XVm8ed0FjgzrfgSUOrZEMe0&cid=CAASEuRowXSDJ-__ckl2xxBQ2MozUQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02a94215980e0a9b1534964bf8c1fe26b45710405f9e0c9ebfab99ee961bf84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 15787534883320419827
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:14:28 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame F31B 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8953
x-xss-protection: 0
server: cafe
etag: 10862945726693812791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 17:22:29 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame A918 0
63 B 44ms
43ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12B7 0
22 B 43ms
42ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response
pagead2.googlesyndication.com/bg/ Frame F94D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 367766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6263
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:41:04 GMT

GET
H3-Q050 200 YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response
pagead2.googlesyndication.com/bg/ Frame C326 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 367766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6263
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:41:04 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6834 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 230498
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:48:52 GMT

GET
H3-Q050 200 YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response
pagead2.googlesyndication.com/bg/ Frame F87F 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 367766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6263
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:41:04 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame EDDF 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 230498
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:48:52 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/4720433/1607533449862/ Frame CEB6 27 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4720433/1607533449862/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76dbddf9690e35248d11a26bb9fae8d8cb0ebfea1bdfdcb2b371ee5fb580b037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4720433/1607533449862/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 8629
date: Mon, 15 Feb 2021 15:33:10 GMT
expires: Tue, 16 Feb 2021 15:33:10 GMT
last-modified: Wed, 09 Dec 2020 17:04:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 8240
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame F31B 0
69 B 48ms
47ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsw85pPb9p0MTkmrcO5ZSVyRrC7TVsVyJOzMEx7ljMfqCuFPcEinhcVsmLTpk5RrHlAr6jEv-AmXpodOYmP30JIN2mFob3SXQ6OTrG4DRwLcnHhzq2Poiw9s5m1Wnf6PDXe0yexTwpZ77KyeJjqCVF_-AXr3InqUgq9epMf8yO3KsxbN9SwUEpYouVj0DCUE3F_xCtUJkXVl1aMnC0qkij7_Rmzwag0jbtqJZdNTu651FTB5f7jOT9s1S7S3wH5adNnO8xF-dDZVu5VZibpDxi2C2ZjjtQm-Kf0vwJ5jV41f0XQWJ8InKpp9tBeqDT1qpNWeBB63_S_a1O3fhL6OwYxvBHYpjk0C0Gj9sTV5Q_-MwgUWKklKDH1GSw9SRb_qT-YtVK2QJWw23Xcn3j5Tjym9cYi52-SKVczGC3H-OSBSPXuBwDjgKg0C0Z9BYG47zwpke9iRioCRDcBjzH7mb-tXmaaG047BkEfMPpZv2fxW-QDBjfDsdP6rpiAjVf5T3nH3XmUhLn5KvYPcH6htdsZ3ro2o35O9BCDHY_7ez8FTZXGtQT5QpCe66HyPKkB7E0stuVLoBWIXFl8nvyVWnv7WWv8VgB602W4wALegBqU4t39kCPiazlvvxvioojHSiBu88MfydPKsSg7_-cxzyvB0Zlv6WsfPmqTW3wFXa2RNPaqZ18RZkAhPNuzBn0zU0ZiUGTEYZr1NcvdNwq-4QVvDzXKBWXL821l4V-PJNPwJRlJKFhjIBgTu8iFxiohU_GzBgvwVxqVjQWEOp0GqDRig1kstE_JXWnWwDksoVxEdWy7hnNU0USeApeEyWqaqR2tJE3DxIt4yOit-GP-izUzzta-LytSVxjsWypIqIsxuop97z9I9puLQr8Z1JwNVzM5tm5965wXULDPtosHAGvCbwAw958Ldw2yv5hLaSVBMY_Xle9VS4QNEhkQQzgas4HGJZc6JUILz9kO9Kw41f5bAvQWYW2_UE62sqTtgyum5jbtvmEelc78kPy6PPmYXYIsJPX2u3kcTUV9dy2YBUX5d3JK1q6OsGfM9b6dhrHE6ahN-sY9kgq_2cEmK7M1KQF8cVKqi_Tyqd3BFR_IFLXO6t24xjmT5IoUsBaMGVT3-DYnD_ayTnP4OrkBs28ivd6cOVObtEFdw4odDLbAsEeWzE-E-49C8ZVq1mCLG-gCewk-_w91KdMbNxC-80OZJo04WnGTiwAtxC1mKd-sTJq-QB4&sai=AMfl-YRf_pcGQMtJcoHqpXXcuIjVVtaSlsn_ONPYLAJ8Wt_gejH6sGG3qsQK4BcFZqrsHlyn30Rmrd6SicZYURvgGzHqYhIChfqDlPbt6ogRyd1d89D8IPCntsepjuToA6rdescyEf_Iv3Bc-Ho5yKV6DitD9j5-8UW6m2pJ0DMYyxp6kq37ZS6i&sig=Cg0ArKJSzFWqVIMgfpnmEAE&urlfix=1&omid=0&rm=1&ctpt=221&cbvp=1&cstd=216&cisv=r20210211.96807&adurl=

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Feb 2021 17:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F31B 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10904
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 14:48:46 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EADB 1 KB
853 B 14ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 15 Feb 2021 15:30:58 GMT
expires: Tue, 16 Feb 2021 15:30:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 8372
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F31B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc9283e8bbb60922a328c573886f928b759768156548f285fd8c062ed503a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Cookie set cshow.php Show response
www.awin1.com/ Frame BBB5 43 B
705 B 126ms
59ms Document
image/gif 104.109.83.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=86781900196382800710164011506028&pv=1

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=belwq516sv9v&nw=20&renderingType=javascript&namespace=12e8a4888d&subid=&uid=bae0fbb284408b2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq9XnZLQqYIGWGcWo7gOe75TACOS0qoNXs_nW3O8K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNoBT9Cx02LKG1K1vVMd5FVnDafA0Ry-n7ZAprfAJAivbAzZ_Tj9_14wqOw63kO-8-5TKXRa1tu5dtROm5XZ4D7knFzkyic2_mCLFQ9DLcSlNuzSlvwBgDoDpZph8YN3VUAEkwh9fI5rgn5YK62cYi9BFTlUkpB4FAozel5FkqAvGQge7XvFDt21qIVOAcaJr5x5kkg4PERKWTMCltSCjCzDJv4OLYi_4ye_AsZxm_T_-VrXvQjrUJptyJF0MI5BMmtAFWjOVfSLTvXhMCF9dncqM-43Oav07ePiJ0DABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA%26sig%3DAOD64_28ncL-z9stM-Kg_smFQ_Ng3uq_Fg%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-Dzvk_xmCWSLMFP66a0QAttW2z3vH2UpXchk7dDlmZm4Z2LHk64b23FSJ_EL5Skhavucl6i8tPNDUcpy8NyjL2WLKlOfDJ5rNZODbwgc0Kj5UGGAMMnna1lddTnbA9x0UIIBXAUUxdwniJYKjueLiRsxe679w%26cry%3D1%26dbm_d%3DAKAmf-CoLvzKI109IMlQCfF56g4hBBqKty03FzvOujcBrCFT83N1s0pR2U1dqzy5L0K2Q_mlGZbMutaxGauRIEsIAqrCcUOPKyF7h1q1H7ec0Jq8hh8l-xt1ieDMSbgkwkG8hIjnO1r_5Jiwni-RHhEMd4K3DtfJCbfLmYJ740IMmKKWkVzk9BMhBLxM8RIAWBJ64_TqH0gHDXDCnTTbYwyi71-JlsK0UaXHwbtvbkZTa0N811KVs-4QCLOQcvJJBFOwbGojiL9qRfg0RgSV5HauyOSwOfGjpU4RX1264bh1ucRblL858kLpmiJfix518e1lsG20yz3Wz4dZ-4PeRaZJCqs6wwV0G-vowpmMykKLac2FexMIHcbU9RaaN7ET5GI2HT1k7reb52sAISU4A4ASW_j9YecsKLogpRssBd6noAdGPJi9Po30rD5UxYu0Nt5-AvPRQiRw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=9424894416349&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.83.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-109-83-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.awin1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Content-Type: image/gif
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Content-Length: 43
Date: Mon, 15 Feb 2021 17:50:31 GMT
Connection: keep-alive
Set-Cookie: awpv14114=414915|1613411431|4bbf95b0-6fb6-11eb-b15c-692d064d6d31;domain=.awin1.com;path=/;expires=Wednesday, 17-Mar-2021 17:50:31 UTC;Secure;SameSite=None AWSESS=358322:2347560;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame F87D 6 KB
2 KB 109ms
37ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=belwq516sv9v&nw=20&renderingType=javascript&namespace=12e8a4888d&subid=&uid=bae0fbb284408b2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq9XnZLQqYIGWGcWo7gOe75TACOS0qoNXs_nW3O8K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNoBT9Cx02LKG1K1vVMd5FVnDafA0Ry-n7ZAprfAJAivbAzZ_Tj9_14wqOw63kO-8-5TKXRa1tu5dtROm5XZ4D7knFzkyic2_mCLFQ9DLcSlNuzSlvwBgDoDpZph8YN3VUAEkwh9fI5rgn5YK62cYi9BFTlUkpB4FAozel5FkqAvGQge7XvFDt21qIVOAcaJr5x5kkg4PERKWTMCltSCjCzDJv4OLYi_4ye_AsZxm_T_-VrXvQjrUJptyJF0MI5BMmtAFWjOVfSLTvXhMCF9dncqM-43Oav07ePiJ0DABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoBTUGQHtTTDHKGjdBA_5vjGSyVY2RLLYIoTqC_4oK1QAvWHw-IdXy3np33A-vSM829JCmPeovhp8AuYA%26sig%3DAOD64_28ncL-z9stM-Kg_smFQ_Ng3uq_Fg%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-Dzvk_xmCWSLMFP66a0QAttW2z3vH2UpXchk7dDlmZm4Z2LHk64b23FSJ_EL5Skhavucl6i8tPNDUcpy8NyjL2WLKlOfDJ5rNZODbwgc0Kj5UGGAMMnna1lddTnbA9x0UIIBXAUUxdwniJYKjueLiRsxe679w%26cry%3D1%26dbm_d%3DAKAmf-CoLvzKI109IMlQCfF56g4hBBqKty03FzvOujcBrCFT83N1s0pR2U1dqzy5L0K2Q_mlGZbMutaxGauRIEsIAqrCcUOPKyF7h1q1H7ec0Jq8hh8l-xt1ieDMSbgkwkG8hIjnO1r_5Jiwni-RHhEMd4K3DtfJCbfLmYJ740IMmKKWkVzk9BMhBLxM8RIAWBJ64_TqH0gHDXDCnTTbYwyi71-JlsK0UaXHwbtvbkZTa0N811KVs-4QCLOQcvJJBFOwbGojiL9qRfg0RgSV5HauyOSwOfGjpU4RX1264bh1ucRblL858kLpmiJfix518e1lsG20yz3Wz4dZ-4PeRaZJCqs6wwV0G-vowpmMykKLac2FexMIHcbU9RaaN7ET5GI2HT1k7reb52sAISU4A4ASW_j9YecsKLogpRssBd6noAdGPJi9Po30rD5UxYu0Nt5-AvPRQiRw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=9424894416349&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 6d230bb660f1ee348cff9edadd47bfc8d04d9d6af0bb691d1eb7dbeaf8c1eb20

Request headers

Host: hal900028.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6b79517b4f6ad0df
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Feb 2021 17:50:31 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1979
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2

200

spacer.gif
cct.connects.ch/images/ Frame E871
Redirect Chain

https://cct.connects.ch/tpv.php?t=116827V1869151989B&subid=86781900196382800710164011506028
https://cct.connects.ch/images/spacer.gif

43 B
221 B

46ms
41ms

Image
image/gif

84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cct.connects.ch/images/spacer.gif

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 09:35:57 GMT
server: nginx
etag: "5bf526fd-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: images/spacer.gif
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E871 43 B
702 B 131ms
58ms Image
image/gif 104.109.83.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=86781900196382800710164011506028&pv=1

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.83.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-109-83-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame E871 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9224040d7a59a793ef0f7acec349a383d6df9dcb72c451ca0f458ae7e0bd8b90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Cookie set cshow.php Show response
www.awin1.com/ Frame EEB3 43 B
705 B 60ms
57ms Document
image/gif 104.109.83.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=15486100244936000710152011506001&pv=1

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=86e51a8e53&subid=&uid=0829872d8b8b479a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdcmDZLQqYIKWGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNkBT9C2Ym2ctjBZuJP1rGW_JonFLNpeBmv17KVBuFAK8mt3ZNOj3lrAGLZx9ADZc4GjcfHsOfobMxhg74_FeAf73RFv4WoTahEjNi7AGBbTeGNJM0UNOyESi0w6Bbd_WPd_t8HafNCVBz4i5idEZZmaM1EoNFIjWce942PCGkkpvWebxwRzso1wKq5BY4Y7qrVY9su0HSSl9gQn9IIIDkL9gJp4N-d4V7BNGUcheVRadPz8o7pDA1RF0avd91Afel65UCM1JQ-FYglNZ99cJxq5znuS8XZl8jO9lsAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg%26sig%3DAOD64_0A5ELTw-fjhN4MwqE4g7PFgrcAcQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-BjGu0EAqPtXJrAYeqDxLuJ78Hx4DHoomOYBhsTyJDqPuL3aHXXL9qIBTjbt0_-F3iDqv2fBUOwpC6E3QWBIG7GsKvB2TE9Ngsd3hXEhIaPjsAdtMNJbfCl2FJGRp6yPvcp3KUzmkMeNIsTdohYM4iM9uMM1Q%26cry%3D1%26dbm_d%3DAKAmf-BI6kLxI9DeRX8U8u_80DDk6Uwatg-EaqkxPuRVk7q8_HprRAWExT3LPHX_UymhhJYsYEIg-wwspMcbpQFPPucQfQsu4p7bkRGKl9Pmg18SmUWM80zTolbuq-sKT6FRLUftNcNUDZsacMjWcrTHs5jxU6PooM-d_QVcTjV7sYtfZlzr6rPoX-EPueGYG6qgUoFHUGZIQdj0fRLHk7ygfc_F2Hr6iw6R67yUha5kMcetdIgbjhbBGZMcQvDF9OQLyPXgim4EkPjclsp2ySpRjuwX4ujhoHBFc0pTlADy60uJM8euECU__HD8_4wRLnC9UFNKok2hjKoRPzXeibiWHW0yyJ2C_wcqBs8XPf1aNOkd84ArKRhqYm7U9oWJkpuAjwg9kzwI0l56PszF9W42-h7S6iM15F-X9KH5JJ2SyA-nsRGaNW7_AKCTyGeV3S-FuIBVFAz7%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=6691975141503&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.83.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-109-83-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.awin1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: awpv14114=414915|1613411431|4bbf95b0-6fb6-11eb-b15c-692d064d6d31; AWSESS=358322:2347560
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Content-Type: image/gif
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Content-Length: 43
Date: Mon, 15 Feb 2021 17:50:31 GMT
Connection: keep-alive
Set-Cookie: awpv14114=414915|1613411431|4bc8bd70-6fb6-11eb-975f-692d0f3afe45;domain=.awin1.com;path=/;expires=Wednesday, 17-Mar-2021 17:50:31 UTC;Secure;SameSite=None AWSESS=358322:2347560;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame 75D2 6 KB
2 KB 111ms
37ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=86e51a8e53&subid=&uid=0829872d8b8b479a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdcmDZLQqYIKWGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNkBT9C2Ym2ctjBZuJP1rGW_JonFLNpeBmv17KVBuFAK8mt3ZNOj3lrAGLZx9ADZc4GjcfHsOfobMxhg74_FeAf73RFv4WoTahEjNi7AGBbTeGNJM0UNOyESi0w6Bbd_WPd_t8HafNCVBz4i5idEZZmaM1EoNFIjWce942PCGkkpvWebxwRzso1wKq5BY4Y7qrVY9su0HSSl9gQn9IIIDkL9gJp4N-d4V7BNGUcheVRadPz8o7pDA1RF0avd91Afel65UCM1JQ-FYglNZ99cJxq5znuS8XZl8jO9lsAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVG18dAOn8A9p44qKpYpfeonp6mKumTOlpYm_Cb2imbCTUB0kng8k4-2yJw4eWc30uSNHSUe1i-pohDg%26sig%3DAOD64_0A5ELTw-fjhN4MwqE4g7PFgrcAcQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-BjGu0EAqPtXJrAYeqDxLuJ78Hx4DHoomOYBhsTyJDqPuL3aHXXL9qIBTjbt0_-F3iDqv2fBUOwpC6E3QWBIG7GsKvB2TE9Ngsd3hXEhIaPjsAdtMNJbfCl2FJGRp6yPvcp3KUzmkMeNIsTdohYM4iM9uMM1Q%26cry%3D1%26dbm_d%3DAKAmf-BI6kLxI9DeRX8U8u_80DDk6Uwatg-EaqkxPuRVk7q8_HprRAWExT3LPHX_UymhhJYsYEIg-wwspMcbpQFPPucQfQsu4p7bkRGKl9Pmg18SmUWM80zTolbuq-sKT6FRLUftNcNUDZsacMjWcrTHs5jxU6PooM-d_QVcTjV7sYtfZlzr6rPoX-EPueGYG6qgUoFHUGZIQdj0fRLHk7ygfc_F2Hr6iw6R67yUha5kMcetdIgbjhbBGZMcQvDF9OQLyPXgim4EkPjclsp2ySpRjuwX4ujhoHBFc0pTlADy60uJM8euECU__HD8_4wRLnC9UFNKok2hjKoRPzXeibiWHW0yyJ2C_wcqBs8XPf1aNOkd84ArKRhqYm7U9oWJkpuAjwg9kzwI0l56PszF9W42-h7S6iM15F-X9KH5JJ2SyA-nsRGaNW7_AKCTyGeV3S-FuIBVFAz7%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=6691975141503&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: bafbd03ea0a875395443568ce70a208521a6698eb2a8201bff38938c1e608c73

Request headers

Host: hal90001.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6b79517b4f6ad0df
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Feb 2021 17:50:31 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2015
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2

200

spacer.gif
cct.connects.ch/images/ Frame 9D1C
Redirect Chain

https://cct.connects.ch/tpv.php?t=116827V1869151989B&subid=15486100244936000710152011506001
https://cct.connects.ch/images/spacer.gif

43 B
221 B

48ms
41ms

Image
image/gif

84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cct.connects.ch/images/spacer.gif

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 09:35:57 GMT
server: nginx
etag: "5bf526fd-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: images/spacer.gif
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9D1C 43 B
702 B 113ms
58ms Image
image/gif 104.109.83.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=15486100244936000710152011506001&pv=1

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.83.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-109-83-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 9D1C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1a86127dd00d4c60852d6c02f097b66a50b630490cc51d82a85c62f0b0c3052

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ztpv.php Show response
www.conrad.ch/ Frame EEE5
Redirect Chain

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=31603600207147300710152011506012&pv=1
https://www.zenaps.com/cshow.php?pvr=4bdae5e0-6fb6-11eb-975f-692d0f3afe45&v=11482&r=414915&q=346449&s=2246541&viewref=31603600207147300710152011506012&pv=1
https://www.conrad.ch/ztpv.php?insert=AW

3 B
331 B

106ms
79ms

Document
text/html

2606:4700::6812:d25f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.ch/ztpv.php?insert=AW

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=3765720953986&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.ch
:scheme: https
:path: /ztpv.php?insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2225542982bf289a0146ce941e6a02fa1613411431; expires=Wed, 17-Mar-21 17:50:31 GMT; path=/; domain=.www.conrad.ch; HttpOnly; SameSite=Lax; Secure __cf_bm=1ac81a6d5396a130e09abc1259e9730d25161705-1613411431-1800-AUML4uHeZIZNIvpSwnYCSLbXV8OgXpxIqfcy5kKflvxpLxCkJX9FUezDp/4zpfcun6bFB42hlP/yQbSqsl3ZPKI=; path=/; expires=Mon, 15-Feb-21 18:20:31 GMT; domain=.www.conrad.ch; HttpOnly; Secure; SameSite=None
server-timing: intid;desc=5e52c4cbfcc29807 intid;desc=00137d2299e1a49d
cache-control: no-cache
expires: -1
vary: Accept-Encoding
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
cf-request-id: 084869cbef00004a861fa9a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6220df264f2a4a86-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.ch/ztpv.php?insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Mon, 15 Feb 2021 17:50:31 GMT
Connection: keep-alive
Set-Cookie: awpv11482=414915|1613411431|4bdae5e0-6fb6-11eb-975f-692d0f3afe45;domain=.zenaps.com;path=/;expires=Monday, 22-Feb-2021 17:50:31 UTC;Secure;SameSite=None AWSESS=346449:2246541;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2

404

aff_c.html Show response
www.parship.ch/lp/v00/ Frame BE2F
Redirect Chain

https://www.awin1.com/cshow.php?s=2524213&v=11690&q=377451&r=414915&pref1=31603600207147300710152011506012&pv=1
https://www.zenaps.com/cshow.php?pvr=4bdabed0-6fb6-11eb-b15c-692d064d6d31&v=11690&r=414915&q=377451&s=2524213&viewref=31603600207147300710152011506012&pv=1
https://trf.greatviews.de/cl?m315=c&q=bcFmSNwtSyFj8cl6fn8v8CX8&pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV00ID
https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

12 KB
4 KB

109ms
71ms

Document
text/html

2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79029fecda2e3b5657df9665e07f8edf88924eca8268c3aebb63289b376afb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.parship.ch
:scheme: https
:path: /lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d38fc63e7033d14cb0b18073b0f2bad4e1613411431; expires=Wed, 17-Mar-21 17:50:31 GMT; path=/; domain=.www.parship.ch; HttpOnly; SameSite=Lax; Secure peg_session=!2tW6oRsPVb1Ef8BkGFqRzmIClh5rRtU11vUu+JJa1dPMWps/TFb41j5TkXDiT9egj2QPDRGC/pm0eg==; path=/; Httponly; Secure __cf_bm=aeb1e43698c0978b35fd5ffa30889d0b9aeeb974-1613411431-1800-AVteVJQIsp6eOpNJ53LEKNW35YokVBLWFOYgH+CLCQHKk3AMIx1hT85/gwd7WFGsVGMvnBlsZT4sPCarr9kKSUQ=; path=/; expires=Mon, 15-Feb-21 18:20:31 GMT; domain=.www.parship.ch; HttpOnly; Secure; SameSite=None
server-timing: intid;desc=c0dbe3ad128d1b27
instanatraceid: c0dbe3ad128d1b27
ownerid: 40
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
content-language: de-CH
p3p: CP="ALL CUR OUR STP UNI PUR"
vary: User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
cf-request-id: 084869cc6700004a9e03172000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6220df270c984a9e-FRA
content-encoding: br

Redirect headers

server: nginx
date: Mon, 15 Feb 2021 17:50:24 GMT
content-type: text/html; charset=UTF-8
location: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
set-cookie: ads_si=a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2247fb2bb0-6fb6-11eb-8253-00155d53a129%22%3Bs%3A3%3A%22sit%22%3Bi%3A1613497824%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/; secure; HttpOnly; SameSite=None cjcookie=a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj47fb4596-6fb6-11eb-8253-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1676483424%3B%7D; expires=Wed, 15-Feb-2023 17:50:24 GMT; Max-Age=63072000; path=/; secure; SameSite=None mcookie=a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2247fb2b4c-6fb6-11eb-8253-00155d53a129%22%3Bs%3A11%3A%22click_12791%22%3Bs%3A57%3A%221613411424%25%255529584%25%2547fb2a8e-6fb6-11eb-8253-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1628963424%3B%7D; expires=Sat, 14-Aug-2021 17:50:24 GMT; Max-Age=15552000; path=/; secure; HttpOnly; SameSite=None ads_pu=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1614016224%3B%7D; expires=Mon, 22-Feb-2021 17:50:24 GMT; Max-Age=604800; path=/; secure; HttpOnly; SameSite=None ads_ps=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/; secure; HttpOnly; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id: 11
x-robots-tag: noindex, nofollow
access-control-allow-origin: *

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 5188 6 KB
2 KB 112ms
43ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=bfebb1a4ac&subid=&uid=bfe1da1287ec4494&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBt5eZLQqYPyVGcWo7gOe75TACOS0qoNXl8qo_64H8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBNYBT9B9BwHGGnsrVgL7gyhkDFBPOWav5TLkRP6SD_7IMYZ8cIrSrW0caJY_3sXX-SaI3AFYUq7KdRTh9Cw0HWM9BJKcFn51OEey4gTSAcz-hdBWDcxs0OUZW7BluIAJcfgBVOHGHs0GgdBmxbNHN97eE6Fz2A4sxcswIkZPiOhVT6FS2EdtrdAexO_JaY6eCkIDrGdpmr4lLv6MT48_gf2kjPBhck8letdpX1Ldi_8ZT_4Zm-qE-HLUKqUlZBSf8u0i3YT7IEIHqFqgqTZuREbY9xKiQkhgBcAE5ZTf0c4B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00MTk3ODQ0NzAyMDE3MzA1gAoDmAsByAsBgAwBsBOFwLUK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0%26sig%3DAOD64_0z9xxZq8mN4TWob0fn_w92_0mOsA%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-DVFne3XLMnBjHM9doZ87gonMY81WF8YclE8CjHhKFn0D_EfsnmzGz9MshIWkg1GCNKuqa655IllzsY5UnzFThaazaQfkbDquy_FNCRuYpf3pIh0j00FlrGnCEvtOI4PsGTNNVO9CXS_vcovEOyzxT8FcUUwQ%26cry%3D1%26dbm_d%3DAKAmf-CCi3I3W6Nmk4421_vEyryeqIUcl6VsXRpzWYE2_BN-ysiQtHqsXb-DBxbfA7KYgW9VsmCSE6qOtkrUGV-iTrruhL6MF0bUMnN6BVGCfSshDosEE0XPXhtV9qd5pSdpwaC7BCZzcynUAUhUs0szDqLhcKrlvEo-FJQmtFoKFSgihKxtBAAUfr3xlL0ZRlW0LsTkIPJxIUU69lYndQ_QtwFyc_YHemJVvpkSgAORfyB505Lt9RkzK1Xmo3lx_GX0sLeNnv8aijf9rxjwyQT4my7t-iB5fEp1MlEKQeE7-ABVRLiWJtDkGEszZqdr3OjrOBbWB_Aj6DW5Ex_OlFzKuaWpP3pTRI6sz-xYV31NFF1bJygUqy2gc0uqFZeJi6_pLjCiC4k5sKcK9Cb4HUMWNehoNOUEe7cuHXrErj15u46LxHfwXupvS_qSUvkBNBGOMVz4C5D4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=3765720953986&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: b7e3fc312937085645380baa78d0d6382dba0e5a67dc0df71934e98d6a7d18ef

Request headers

Host: hal900012.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6b79517b4f6ad0df
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Feb 2021 17:50:31 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1965
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2

200

spacer.gif
cct.connects.ch/images/ Frame 9112
Redirect Chain

https://cct.connects.ch/tpv.php?t=116827V1410150335B&subid=31603600207147300710152011506012
https://cct.connects.ch/images/spacer.gif

43 B
221 B

41ms
39ms

Image
image/gif

84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cct.connects.ch/images/spacer.gif

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 09:35:57 GMT
server: nginx
etag: "5bf526fd-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: images/spacer.gif
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ Frame 9112 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 139256f257d37dcf690eff4cb18e134871fba6c7db08a08491553ba8ef50e540

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A918 42 B
89 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuA7uF6AwVHIIbw2F99qCkAGyLCAeX40Tw7QyYXbk_xP_3gackaE1NT1OHYi_mUi9mNsSTE59JMSj0TVL9HGM6oCqjwgM55MVLgf7Zwnjf00Zm&sai=AMfl-YTMpgUxeBOkGISLyjzHdRXXCOmMwOQsfvHuhmWI1xsF53kU0yEVvlexmlOCXfhqKWfp8iwfw73Y2Qdiei8zv8aIne-_nRgvbqNYjJ_JjBBP2tzI08cSx0wBioAEDKG8&sig=Cg0ArKJSzPgRXxB95CXJEAE&cid=CAASPeRoiqs6FNS1C08CXNlWy51YKmhdxmApeEHhnHxMg3K8hKG9zy5gH7w1wSaOKV55T6AGXk5r-HmiqEMHM_o&id=osdim&mcvt=1184&p=379,1075,629,1375&mtos=1184,1184,1184,1184,1184&tos=1184,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1927958951&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1613411429525&dlt=26&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif Show response
cct.connects.ch/public/12/images/ Frame 08C9
Redirect Chain

https://cct.connects.ch/tpv.php?t=116827C1507143201M&subid=71761100242143300710156011506017
https://cct.connects.ch/public/12/images/1x1.gif?x=1&lea_source=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017

42 B
220 B

44ms
41ms

Document
image/gif

84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://cct.connects.ch/public/12/images/1x1.gif?x=1&lea_source=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=8847694358455&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cct.connects.ch
:scheme: https
:path: /public/12/images/1x1.gif?x=1&lea_source=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=226u8m3ftnenvtb0mbg6u6ijn2; ppv1869=2021021518503127066045879X116827V1869151989BS86781900196382800710164011506028; ppv1410=2021021518503127066045921X116827V1410150335BS31603600207147300710152011506012; ppv1507=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

server: nginx
date: Mon, 15 Feb 2021 17:50:31 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 29 Jul 2020 17:40:10 GMT
etag: "5f21b47a-2a"
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

server: nginx
date: Mon, 15 Feb 2021 17:50:31 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID= 226u8m3ftnenvtb0mbg6u6ijn2; SameSite=None; Secure ppv1507=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017; expires=Mon, 22-Feb-2021 17:50:31 GMT; Max-Age=604800; path=/; domain=.connects.ch; SameSite=None; secure; HttpOnly
location: https://cct.connects.ch/public/12/images/1x1.gif?x=1&lea_source=2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

index.html Show response
www.elitepartner.ch/cms_lp/16/u/ht/ Frame D329
Redirect Chain

https://www.awin1.com/cshow.php?s=2520058&v=9306&q=377095&r=414915&pref1=71761100242143300710156011506017&pv=1
https://trf.greatviews.de/cl?m315=c&q=Grv3XWaQiME2c3i18P5mgkhg&pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV00ID
https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11e...

482 B
925 B

82ms
37ms

Document
text/html

2606:4700::6813:fb79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:fb79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a73b5ab43cf666cda325f42da8e1d9079fda00292b93b94ab4ff76dc38fb7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.elitepartner.ch
:scheme: https
:path: /cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-type: text/html
set-cookie: __cfduid=de8af0a2429b277f0c279a46f3aaf5abd1613411431; expires=Wed, 17-Mar-21 17:50:31 GMT; path=/; domain=.www.elitepartner.ch; HttpOnly; SameSite=Lax; Secure __cf_bm=3ed3aa2a8a005b6330224a546fdb24d16238e22c-1613411431-1800-Ac2NpohQn5637B2CB6oB1G+P3+LJStWwlTsVbLK5ISFQkFt6p7ISke5iwPk87Dsm5diUoFpEJbjgFTKtvJbphCw=; path=/; expires=Mon, 15-Feb-21 18:20:31 GMT; domain=.www.elitepartner.ch; HttpOnly; Secure; SameSite=None
last-modified: Wed, 09 May 2018 08:40:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
cf-request-id: 084869cc6e00004abdce2be000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6220df271fa64abd-FRA
content-encoding: br

Redirect headers

server: nginx
date: Mon, 15 Feb 2021 17:50:24 GMT
content-type: text/html; charset=UTF-8
location: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID
set-cookie: ads_si=a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2247fb4956-6fb6-11eb-9148-00155d53a129%22%3Bs%3A3%3A%22sit%22%3Bi%3A1613497824%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/; secure; HttpOnly; SameSite=None cjcookie=a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj47fb6314-6fb6-11eb-9148-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1676483424%3B%7D; expires=Wed, 15-Feb-2023 17:50:24 GMT; Max-Age=63072000; path=/; secure; SameSite=None mcookie=a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2247fb48f2-6fb6-11eb-9148-00155d53a129%22%3Bs%3A11%3A%22click_13264%22%3Bs%3A57%3A%221613411424%25%255564004%25%2547fb4834-6fb6-11eb-9148-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1628963424%3B%7D; expires=Sat, 14-Aug-2021 17:50:24 GMT; Max-Age=15552000; path=/; secure; HttpOnly; SameSite=None ads_pu=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1614016224%3B%7D; expires=Mon, 22-Feb-2021 17:50:24 GMT; Max-Age=604800; path=/; secure; HttpOnly; SameSite=None ads_ps=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/; secure; HttpOnly; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id: 11
x-robots-tag: noindex, nofollow
access-control-allow-origin: *

GET
H2

200

ztpv.php Show response
www.conrad.ch/ Frame FF21
Redirect Chain

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=71761100242143300710156011506017&pv=1
https://www.conrad.ch/ztpv.php?insert=AW

3 B
718 B

65ms
37ms

Document
text/html

2606:4700::6812:d25f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.ch/ztpv.php?insert=AW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.ch
:scheme: https
:path: /ztpv.php?insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2225542982bf289a0146ce941e6a02fa1613411431; expires=Wed, 17-Mar-21 17:50:31 GMT; path=/; domain=.www.conrad.ch; HttpOnly; SameSite=Lax; Secure __cf_bm=a79212c592c4b39fd8795e100977f1da5ad737c0-1613411431-1800-ARjmjwcGifoO7kwdjfjRQnQhnSobe3weN0VEgDi7QemFXvAeGgzpiXC+U68lMq/fPPOvvTlBx7UbK/0TvDW2AWI=; path=/; expires=Mon, 15-Feb-21 18:20:31 GMT; domain=.www.conrad.ch; HttpOnly; Secure; SameSite=None
server-timing: intid;desc=4fa9565e632ddef1 intid;desc=da4cb8b99b31b0cf
cache-control: no-cache
expires: -1
vary: Accept-Encoding
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
cf-request-id: 084869cbee00004a863f80d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6220df264f284a86-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.ch/ztpv.php?insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Mon, 15 Feb 2021 17:50:31 GMT
Connection: keep-alive
Set-Cookie: awpv11467=414915|1613411431|4bece740-6fb6-11eb-b15c-692d064d6d31;domain=.awin1.com;path=/;expires=Monday, 22-Feb-2021 17:50:31 UTC;Secure;SameSite=None AWSESS=346432:2246412;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 4D72 6 KB
2 KB 110ms
38ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=b4e946282d&subid=&uid=c07f69f3a765c901&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKZlOZLQqYP-VGcWo7gOe75TACOS0qoNXmuHOw60K8C4QASDqp6RXYPWVzoHgBMgBCakCOye_2rRbtD6oAwGqBN0BT9Bw9zE5nenPqPRlffpUQSyowuEL1CDoxETDNt2bOaFW1tmN19JAK0eLO9ot2GlXlFIojybiUm5RG5j33ssxWeKq0QRJr4y1x9MIqKxNmeI41AtuhcdUS92n92L7QpjPF1RgSCUb67SuoQEvaDRONm1oauN6tjFhP7ioSlnyzQI7tEWbN1315ef7yAfz7xgHb_FgHq5w8QX6r4Hubla3kfGN1lPdfexV77uv504-gUXEUnY1ASGCcXMVrrTD-UUZqCK5KOjqxdX6JynEKw4wS7HpBhQH4Z22NvezFdbABOWU39HOAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNDE5Nzg0NDcwMjAxNzMwNYAKA5gLAcgLAYAMAbAThcC1CtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoRSCA6VJYeKpENUvMvhFGu0L7lAYgeOjM69wY5qPrO_WIZdii0VZW5H8DZjEP-8HmqV3Zp_FFNq1FyNg%26sig%3DAOD64_32D9-Cj8UiRvYY12yT2TOlDyzqNQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-CGVXe5fYh_qkecv1He4Usl87lzY_we1Dz-cbzsb470UtATWi18dfE-ZqDpuqAKZM2cNv0fFQg6iQmpom45wEkIHMX3OWLb8e84Q6hnTdBbBoLn9B604lOPHO5FmUbaiiH-gA1XXbfnhkYQWkPNZOvLVtBwqg%26cry%3D1%26dbm_d%3DAKAmf-BsvvcDxMPBtcpClkDfkTqOmFObHS4BsEXdzR26913Qw_ktkfWgfIo7mbL0XEcnu-GHYsARhUDJeMU6Z22VnqknaJnR0QDGpKrMEWL8SGMSrOMo1wuxEjpACYAAAkvv21GGAC2l9m_I_7szQa0_kwzFzXvjumrW-jak4Vo28ALnwS8_SI26u5Ex9Wge_PJEl18hs2YEsZWw54xvfcDBfV4z8TTpUvIQsOX4eOBbwetzgmWzyhw3Rs8vVh-3MAjqTyzCkuaQ_NNmouuLt0qgHvN7BaylUwN6onl1gg3gWuVWMzr87eLf5UBAp2QNpQNxNmoEVlh5MKDzwSotRW2MKEyoMY6vuvk_rKBX0P8yC1f6TddBkOlAqQhBEqUaOIC0JZRpafKlrXJ6ho64iTVhUdNqqMV9S0LTV619R5ieicHCDJO_la4rkKJaWQYO3xg-xpObU7ba%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tinthethao.com.vn%2F&ancestorOrigins=https%3A%2F%2Fwww.tinthethao.com.vn&random=8847694358455&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: b7090c0cca6e3b98541429282f027918c911b36b080008ebb20827f3eb524726

Request headers

Host: hal900017.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6b79517b4f6ad0df
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Feb 2021 17:50:31 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1934
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9951 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9f2058501781dddcbec34fc68abe721eab585e9c6ee0803cf9bd5abe7ec772e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12B7 42 B
66 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwaV5ZXt5THXM0sMOZFmq6Fk1ISsUNuSAG013Qvbnl9bNCifqOm-M3zeB9c_dJ45ZHmT2TOh1mw65yrvruM--RfsZ4X0oP-qzrXR6J1S1wy9nj&sai=AMfl-YS6Qrcko9_lV8fUcGulwzmE4-_ADopS52UlcNQGkls7ZY6eR0TY3t-dq65p_r3trJ0aLe_6y0tk2mwIapYPBR9OFK-hpz7ZXcJot-7bRx0n2VXut_y8m6b6qMBTZ7dD&sig=Cg0ArKJSzPXrEwQBRyTREAE&cid=CAASPeRoXo4c5mg6-K6A3NXBV-P4cKQ4DwvfdC5yVEf1w9Kv1lycPCTywh8DLRDO3YXqEeA46vhRNfAZK_0lLf0&id=osdim&mcvt=1189&p=663,1075,1263,1375&mtos=0,1189,1189,1189,1189&tos=0,1189,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&app=0&itpl=20&adk=2278927287&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613411429528&dlt=31&rpt=0&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 376A 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 15 Feb 2021 14:48:46 GMT
expires: Tue, 15 Feb 2022 14:48:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10905
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 e3e6c2b7.jpg
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 9 KB
9 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/e3e6c2b7.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a4b7921a535cfefd0cc9387f30fa8a852249a84aa509d4e4f6d707ecd6567bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 22:07:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:10 GMT
server: sffe
age: 70990
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9331
x-xss-protection: 0
expires: Mon, 15 Feb 2021 22:07:21 GMT

GET
H3-Q050 200 3d3d6490.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/3d3d6490.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263cdb21b4793bf236111dd8b5b839ab92268532c469c0cdb9e4cdb3066b0bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 22:07:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:10 GMT
server: sffe
age: 70990
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2569
x-xss-protection: 0
expires: Mon, 15 Feb 2021 22:07:21 GMT

GET
H3-Q050 200 7fac3979.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/7fac3979.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77228179c90f1df7d2899e4a83369af39fc7f84472e3758c2ad6b22813a2678d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:19:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:10 GMT
server: sffe
age: 5463
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3268
x-xss-protection: 0
expires: Tue, 16 Feb 2021 16:19:28 GMT

GET
H3-Q050 200 c49c7e6f.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 6 KB
6 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/c49c7e6f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563c5eff66f0c438c9576b188a003b5860596930ad5f368b1552f75a0200d371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 22:07:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:10 GMT
server: sffe
age: 70990
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6259
x-xss-protection: 0
expires: Mon, 15 Feb 2021 22:07:21 GMT

GET
H3-Q050 200 23945c07.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 6 KB
6 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/23945c07.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81b7dc1bd37349500dfebd560874872b8c38a2e54ac95afa114bebab559254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 22:07:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:10 GMT
server: sffe
age: 70990
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6591
x-xss-protection: 0
expires: Mon, 15 Feb 2021 22:07:21 GMT

GET
H3-Q050 200 22d0bc36.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 17 KB
17 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/22d0bc36.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c54ced20427b4963319aaaeb78af233a234162321c41eec6017a9d1ba40c31d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 22:07:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:09 GMT
server: sffe
age: 70990
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17271
x-xss-protection: 0
expires: Mon, 15 Feb 2021 22:07:21 GMT

GET
H3-Q050 200 2d82f6f6.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/2d82f6f6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da9ad85b06cb9c691fd6ada15b0b5e490a757f10be640e2d9baa07169d0c7e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 05:55:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:10 GMT
server: sffe
age: 42902
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1758
x-xss-protection: 0
expires: Tue, 16 Feb 2021 05:55:29 GMT

GET
H3-Q050 200 e06b191b.png
s0.2mdn.net/4720433/1607533449862/images/ Frame CEB6 2 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4720433/1607533449862/images/e06b191b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4720433/1607533449862/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce5deeb309b9a633466cd6cd488196e9fc8aaf8b8f55e0711cea0f6c51b8fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4720433/1607533449862/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:08:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 17:04:09 GMT
server: sffe
age: 67300
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2546
x-xss-protection: 0
expires: Mon, 15 Feb 2021 23:08:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F87D 4 KB
754 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e203332bdb8a0c387ae96935481aee57996419bc60598b9162b841d7bbd9ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 16:29:13 GMT
server: ESF
date: Mon, 15 Feb 2021 17:50:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Feb 2021 17:50:31 GMT

GET
H2

200

CHUNKY_120x60.jpg
www.adtracker.ch/upload/modissa/chunky/ Frame F87D
Redirect Chain

https://cct.connects.ch/tb.php?t=116827V1869151989B&subid=86781900196382800710164011506028
https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg

10 KB
11 KB

99ms
19ms

Image
image/jpeg

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: 6c15543164017966f4b8c08377fc6612665682030fd83a4696bc6640daa9cd16

Request headers

Referer: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
last-modified: Tue, 26 Jan 2021 10:54:16 GMT
server: Apache
accept-ranges: bytes
etag: "295e-5b9cb79ca4708"
content-length: 10590
content-type: image/jpeg

Redirect headers

location: https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
accept-ranges: bytes
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2

200

120x60px_Linsenkontakt_a.png
www.linsenkontakt.ch/banner/ Frame F87D
Redirect Chain

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=86781900196382800710164011506028&pv=0
https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png

73 KB
60 KB

42ms
15ms

Image
image/png

2a00:d70:0:b:2002:0:d91a:365b
HOSTPOINT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:d70:0:b:2002:0:d91a:365b , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
Software: Apache /
Resource Hash: 7e473ad8e516170972fbe5c4760bf81cfcae18b065d87651ac534509daf29824

Request headers

Referer: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-encoding: gzip
last-modified: Mon, 15 Jan 2018 10:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate
accept-ranges: bytes
expires: Wed, 17 Mar 2021 17:50:31 GMT

Redirect headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F87D 79 KB
79 KB 117ms
44ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e48f7de9f4f0a098fc743d477ffc95125f081ca426964b11a20460a6471c4e4e

Request headers

Referer: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A73D 0
470 B 42ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByLp_ZLQqYMX0FteUgQfe5ZWgCgAAAAA4AeAEAg&bg=!GxilGFvNAAWP4B5EjzsAKQB2-DxawfukxR6adQvpWOHUcX6lXpQxU4n_NhuilHEBt4EuG_426WjXAgAABGFSAAABOGgBBwoARXJ8lS0uJHFgeZRPRemK_gbo9M1f4Xnp3l00MMR-0tt-Xrl1ATHZm_ovmim9sMQIggzIGa0q53qO0cNX0qr5LDMibuClD5kCeTW_2z09gk_Y4ICrN_jIl8fD5EKWV4sVBVAkA-AALraWmNBLIETaUL79FNPpYZsMGEo0wrLCXZFcELOXSmB8PmlSzzeD7b4lGb0-iCc4Qt3NWP8rQrwGfvTEudO9T0gV8AJh5-b6gNHe34z95JreAdqnk22KdOgeVdi5LoCEZiZqWsA56dqBpbgI6KAJ2h1Z5c71TPJj7Ba7qev2gNx-cu5FrAoorNmnJ0k7HVpnCytDSYAzuAVu3hlIfWR_3uQrQ2ZQTEwgrJws9AeQlMCXI6kvO55PYLRqs6VxvFEBtU2L4cdZ4Kow1shUSL_7fNfDDP8k_-pIq7Vwij9xKmQiQsyJGll-DvHF14aY0Qa7qGvfLjtfdW3K1ULm7m7jgkpEyaMvzVxpoQ29-7hZHs0awmui-Z0tcyYKLGG-cOS8iG_PmhYMoK-dx0QKIPN6mX2AdpWLx9grxjZQJadpwtjNlaCSHiGtLAM15bVLRPQwPAPlUN-lFMYVRKzidMG--5gzq6f8KU7LGJ3rggcSpJo9kJGodp4renU64ZuPjPQR371paOI7Wt5_rOiZNfZPUbY3CwUcMZHlZD57fCm2O2bWGKM05HaWizagNRxLrx6vWM_VdoqBFe-0bOZBeaqIlI1AUXJLC7NmMp_no4BpAXuyfMZVEJhKn5nXfAXEowS87ZvG_Ber3NrYt9_zixWR-L0IKXLbFreatyHbIEg2ZXfpD1ryb5m3RKN50CxSHEjYQMp2pI8QzuMCBPo96aMgNfYzx6-YjLEPLrZ3afjnnAtUDIixP9zJU7dfzxlSfi3eimnLsSnUBdJ5t5YskHMktUulFpbi62Lkkom9zQ

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F3B 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUbdHZLQqYNTyFteUgQfe5ZWgCgAAAAA4AeAEAg&bg=!MjGlMXLNAAWP4B5EjzsAKQB2-DxaZD9rxWdFu-qSatbSPvzF8QJUF1ZmBSBpCXD6sBX1k1x0x_-BAgAABFRSAAABPGgBB5kCenPMBrq-Ls4XoRCKxt_bJxhmqPUz5ANRJVa8SRXcIAj-1G1Ql4S53CPHRHbqHWP9c9XtiZeO6zzNqeGFCZFllTGhlhpoZT399JsJvDHpxOHQcqUhxTGoJebR_U3FbRGQSwEt6u0W6eaPfQLP9GPOD72i5rHYwF-NH6H2UiElj0DUo5hoMCOUMcDYbwXO34Cut0M506csX0fkxEC_bHZT8GxteNfZrRedAi0aiTgkd6nsgTbNgx8mgwYkkpQcEIih8wNndE48-TCGY6xPMXjbFX_kR8y33tkZ9gUrdqmPvzOuEVEPNm-OoPflHMxBYUkrBb3YxvJlC5UgtSNcMGMwVKADM86TyK0FbI37k8RKD3u_AJjIi4mt-lycrH4guxQ29WpG_JeQ2zW-AdPyUFt1YYd9LBG087arwYWUCCuWBhjDpnAb4ROqDRJIRhrm2sCadYjc6mj2hkKPUR5f8tlFqEMwhM7_4Y5F9orQD-yysCAMNBnxCYseNmX8Fs7F5dSAAEeAiESM00hxlkneepKA7cxbSaiKTbUbOSm4d-Hma5Chqnx3NzWXW2TmN-X629N6Z512fQDEwfr9KhwC45fagRdjY2WBPqvF49qTv-CjmC8EFoF2nEfcI3xgJNiJla_Rw1HgI4zCD02lkm7NDaFJsI4-jbrCsagQn0JrNqkq_rE36rZjjYxxrmocyepvZRrg8V7AzxpXBTrO_8Ld3fHdJ2az_r9vEftvZQDJDb-SJA7DlKWZd5rtNqkqmAhXjdGuTT7hZtNu2-_kK4FR5WZhKxAMzyHzZc9u7f8q6X2BLSWzBPZO0D6apjQ_OVtNGcGyP_cbdtBaTM27Zho

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5259 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6UuxZLQqYKT2FteUgQfe5ZWgCgAAAAA4AeAEAg&bg=!paalpuXNAAWP4B5EjzsAKQB2-Dxau8Jv52SAGC2fSbqkmQurG8GPMu4Kh7PDJgQzIFLkPjYmwVCHAgAABFhSAAABOmgBBwoA_Tv-H0j7Qdq2iOa330KMvBYArHfR17BbsXHh5SLuIOwWjuYrwN6f5fTdDRUZf7trVTB-4OPftooHghO0ksp98umiCeXhcREHCz-bpkXE0yejjS_wgvbkhSHggcCnl5QX6h6O9xQvMPqbk6r9CXqKcntfAFlSFXMLnOMgheYr3loQaTW4a1C1_TIrZsmV-i4KqmaxPluUyIkFud6KmDaHR1a_B1ic_p-A1lv4X0qkiYLOLiObIoo36UpYoLqI4o9co4rEFrIpTEVO56bZ5vUAgYVGIXHgiGyBNQ-VESsk6pK7Y6zlnoP3IQbwS2ujx4GIEYC9XaltkmZDra2BPoeZAnizSw59EVuyeVTuz_lbp0G6tZqlXSAQ3ihqdkAhVUODT9yBOPm8fYK-D39PIXE-SUxHDQBQErkiHybdJ_vHbZDLJYBB8-FmH8NhLtAJFkdVbrPBlO_8E15OVTKckDwBMoipcNTRflh5blF8PGY8dv8OJl_8RWdTJn8kD4il4de7j-P3bwwxXOSdrvwCJ0TJO3fkWuO1BwDW1ITW6bFhLpQUz0l-ywwoAPZ1_yNqj4w9wud-VsypcRGxCWr5a1aajIAU0GXbyBHbzvClTw-Z1oQkIfC9KFtRsQO6NtDo5GO-5nMsDovtfCVWFYt9l5UoPIcytKjlFmACju075I8HXqJp80jIfDUUEpA_kkO_nf-A-FafCqBYFt6fl47bnUvoLeJZQE3xob_vwLTZPPAIg8JeXUGUKzf-lkXE4Jgzbep0AtuKxTpUZ2Kizqc1Vy6p26gLIG-z6VJBW5C0N1ylGTfjNG1WYgdFcVtJWcYZKXXRX50RLT9GWJHc_twTNsr4nfdxoShq607G0HFMxBYX4EpAWONYWRvOY5YR9is8vZmiZCU8H3lTuL3xwzE3b9aWqjSiRghpd819OBCRwi8xLvxVLMKRifKM78thGmtX2-nxmeaFdCsMcI61KgCQgT6dKcikofBK_ZFShI8lZqDuYify33qnsNpK4U9C-ZyqjyUxfcmW1WiI6F_LijSaS_Gf15IniRH0R1O4NVk_32sz-QiO8Lm1IKLEhPmTJXOetnTDnh6CxLdGT8-pvvCFtTCAsqy7B878YMU1hKP8a5Pjt97a1YMspg4mzjqIj0Z635WImhZJ3ttfx8RQES2yMakXruipIJG4BCWdFw

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 75D2 1 KB
449 B 43ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4127355ac290363de8507cea422bf5505963d5334ff120e908bc21b35df1287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 17:17:12 GMT
server: ESF
date: Mon, 15 Feb 2021 17:50:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Feb 2021 17:50:31 GMT

GET
H2

200

CHUNKY_120x60.jpg
www.adtracker.ch/upload/modissa/chunky/ Frame 75D2
Redirect Chain

https://cct.connects.ch/tb.php?t=116827V1869151989B&subid=15486100244936000710152011506001
https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg

10 KB
10 KB

19ms
19ms

Image
image/jpeg

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: 6c15543164017966f4b8c08377fc6612665682030fd83a4696bc6640daa9cd16

Request headers

Referer: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
last-modified: Tue, 26 Jan 2021 10:54:16 GMT
server: Apache
accept-ranges: bytes
etag: "295e-5b9cb79ca4708"
content-length: 10590
content-type: image/jpeg

Redirect headers

location: https://www.adtracker.ch/upload/modissa/chunky/CHUNKY_120x60.jpg
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
accept-ranges: bytes
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2

200

120x60px_Linsenkontakt_a.png
www.linsenkontakt.ch/banner/ Frame 75D2
Redirect Chain

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=15486100244936000710152011506001&pv=0
https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png

73 KB
60 KB

15ms
14ms

Image
image/png

2a00:d70:0:b:2002:0:d91a:365b
HOSTPOINT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:d70:0:b:2002:0:d91a:365b , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
Software: Apache /
Resource Hash: 7e473ad8e516170972fbe5c4760bf81cfcae18b065d87651ac534509daf29824

Request headers

Referer: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-encoding: gzip
last-modified: Mon, 15 Jan 2018 10:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate
accept-ranges: bytes
expires: Wed, 17 Mar 2021 17:50:31 GMT

Redirect headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.linsenkontakt.ch/banner/120x60px_Linsenkontakt_a.png
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 75D2 17 KB
17 KB 113ms
42ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 54ba4ec827a361281cd0823752e458be5ef4e670a0833e5b96468e23c068cbf7

Request headers

Referer: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 AwMtC3La-31852314.mp4-8.ts Show response
videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/ 100 KB
101 KB 34ms
33ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/content/conversions/pLhE9KGt/videos/AwMtC3La-31852314.mp4-8.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac45ba7390d5dc1901dadd50c4a8e45e0e377941eb30a0bd2e847efca3c8e78

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 48477
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 102648
cf-request-id: 084869ccf20000175a711c8000000001
x-served-by: cache-bwi5148-BWI, cache-fra19135-FRA
access-control-allow-origin: *
server: cloudflare
x-timer: S1613362955.641855,VS0,VE1
etag: "e3uUXCtR-GQvChhlPC0Yex_VThB02vojZ2ygXY5q4Mw2nXaO1eSxvjLFCUXJvvbLArQHjj5bCnAfA3NCZGvCUUwmbg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=28.000 sl=2.280 vl=30.280 rs=320x180
accept-ranges: bytes
cf-ray: 6220df27ece6175a-FRA
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2FYTTg1c3ExTGJJMTE1&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cver=1&google_push=AQvitUISxN53o94uqgNOGEK5ZAA41xD9LVDByCStrtSrEm6...

170 B
190 B

17ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2FYTTg1c3ExTGJJMTE1&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cver=1&google_push=AQvitUISxN53o94uqgNOGEK5ZAA41xD9LVDByCStrtSrEm64l95latdHfk6j0046HkZ6QTKFc4e2xwnztHyn1NbCAWA3rMIDZTL0

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:30 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2FYTTg1c3ExTGJJMTE1&google_gid=CAESEFwVDN0s0RxxjeC0L4Nj4hU&google_cver=1&google_push=AQvitUISxN53o94uqgNOGEK5ZAA41xD9LVDByCStrtSrEm64l95latdHfk6j0046HkZ6QTKFc4e2xwnztHyn1NbCAWA3rMIDZTL0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEFcTLuqCOUiNYnKVNYxadOA&google_cver=1&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g
https://px.adhigh.net/p/gm/rub?google_gid=CAESEFcTLuqCOUiNYnKVNYxadOA&google_cver=1&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g&google_hm=ZOjq8bM-LosAAikABlF3p...

170 B
213 B

17ms
16ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g&google_hm=ZOjq8bM-LosAAikABlF3ptB3Gw%3D%3D

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:15 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKBhpEoaxgFsjeoRMopaOgy8K1_Ai4HwpgEQHZ7j7dBBdHmJ9Zi6nnYLb_qQ95lYEJZiPiqYWs7373dw3tN84a0wgDeHx3-4g&google_hm=ZOjq8bM-LosAAikABlF3ptB3Gw%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 google
pix.impdesk.com/csync/ Frame EADB 0
86 B 73ms
32ms Image
text/plain 35.244.147.96
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.impdesk.com/csync/google?google_gid=CAESEO70HxL77wpwm1wBnfLY0WE&google_cver=1&google_push=AQvitULOWCSDq1PHrVOZrT5gpwm-vSNE9uyhKHcN2yR72PXyfVpYjpE-Po_gnSYgI6GdZDxwgy5CDwI-ZuksAZfq5l8OAJUbN2xr
Requested by: Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.147.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
via: 1.1 google
cache-control: public, max-age=31536000
alt-svc: clear
vary: Origin

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtFaHDKME7Ba6h4pmfdt_M&google_cver=1&google_push=AQvitUKZzCVbQHTsffUAcYKma-M5AGEg1ZDnIR0_c4Hk6e7ny2i-xGvlkJYGouQOEl_TBRb_hkM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w2VklDN08tRS1NRTVI&google_push=AQvitUKZzCVbQHTsffUAcYKma-M5AGEg1ZDnIR0_c4Hk6e7ny2i-xGvlkJYGouQOEl_TBRb_hkMTaF3hnZgatqgYMZtMN2IJoOQ-kA

170 B
201 B

17ms
17ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w2VklDN08tRS1NRTVI&google_push=AQvitUKZzCVbQHTsffUAcYKma-M5AGEg1ZDnIR0_c4Hk6e7ny2i-xGvlkJYGouQOEl_TBRb_hkMTaF3hnZgatqgYMZtMN2IJoOQ-kA

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w2VklDN08tRS1NRTVI&google_push=AQvitUKZzCVbQHTsffUAcYKma-M5AGEg1ZDnIR0_c4Hk6e7ny2i-xGvlkJYGouQOEl_TBRb_hkMTaF3hnZgatqgYMZtMN2IJoOQ-kA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEPbI5MCkxqK2ySSVVd4ormI&google_cver=1&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyEtzT6QN...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPbI5MCkxqK2ySSVVd4ormI&google_cver=1&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyE...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EhMl2MiPSO66QQkxHymHbA&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTy...

170 B
190 B

17ms
16ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EhMl2MiPSO66QQkxHymHbA&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyEtzT6QNpdiFVblw

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EhMl2MiPSO66QQkxHymHbA&google_push=AQvitULssGrKtVa31M5ovMY0fjfdNhKWjRy_H4HNlIV__oixv62Atu_qBlXkmNvd5QjA80yEvtnyeNTV_Pr1nTyEtzT6QNpdiFVblw
date: Mon, 15 Feb 2021 17:50:31 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEAixW4KEfoAwMR9WHUqkhBc&google_cver=1&google_push=AQvitUJnDIGpGaD_u95MB0Nfi_FicvAL9uSEMq8uZKIwXAcmTqCo9UqEqnoE4jx7Ys78kjjbcgWksXq8H0RsV6ZY2tdKJEi_9tUG
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&mn_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJnDIGpGaD_u95MB0Nfi_FicvA...

170 B
190 B

17ms
15ms

Image
image/png

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&mn_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJnDIGpGaD_u95MB0Nfi_FicvAL9uSEMq8uZKIwXAcmTqCo9UqEqnoE4jx7Ys78kjjbcgWksXq8H0RsV6ZY2tdKJEi_9tUG

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&mn_hm=MjU2NDEzMDMxNTM0ODMyMzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJnDIGpGaD_u95MB0Nfi_FicvAL9uSEMq8uZKIwXAcmTqCo9UqEqnoE4jx7Ys78kjjbcgWksXq8H0RsV6ZY2tdKJEi_9tUG
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Mon, 15 Feb 2021 17:50:31 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame EADB 0
43 B 15ms
14ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JREX1txiJxU-xKsvVlNjNmyaX38i4y_XWolZQxnNtVKMW3Gq2kwbUiTk2G1xSPNg

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
server: HTTP server (unknown)
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5188 1 KB
865 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4127355ac290363de8507cea422bf5505963d5334ff120e908bc21b35df1287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 16:50:44 GMT
server: ESF
date: Mon, 15 Feb 2021 17:50:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Feb 2021 17:50:31 GMT

GET
H2

200

pied120x60.jpg
www.adtracker.ch/upload/Zizzz/Bilder/ Frame 5188
Redirect Chain

https://cct.connects.ch/tb.php?t=116827V1410150335B&subid=31603600207147300710152011506012
https://www.adtracker.ch/upload/Zizzz/Bilder/pied120x60.jpg

37 KB
37 KB

23ms
22ms

Image
image/jpeg

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/Zizzz/Bilder/pied120x60.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: 2bcf26566211c926eec5d81ca2fd779f373a765c0a1555f6e05fdc6d783b9efe

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
last-modified: Fri, 27 Sep 2019 13:57:59 GMT
server: Apache
accept-ranges: bytes
etag: "949c-5938946199073"
content-length: 38044
content-type: image/jpeg

Redirect headers

location: https://www.adtracker.ch/upload/Zizzz/Bilder/pied120x60.jpg
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
accept-ranges: bytes
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2

200

120x060fr.gif
www.conrad.ch/affiliate/banner/classic/ Frame 5188
Redirect Chain

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=31603600207147300710152011506012&pv=0
https://www.conrad.ch/affiliate/scripts/aktionsbanner/cch_initialise_affiliate_banner.php?width=120&height=060&language=fr
https://www.conrad.ch/affiliate/banner/classic/120x060fr.gif

4 KB
4 KB

24ms
24ms

Image
image/webp

2606:4700::6812:d25f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.ch/affiliate/banner/classic/120x060fr.gif

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

763a6a8cadde20703ef872684cd59884720256402bc12966e8fa380f4cfd8be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
vary: Accept
cf-cache-status: HIT
age: 5607
cf-polished: origFmt=gif, origSize=5872
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-disposition: inline; filename="120x060fr.webp"
server-timing: intid;desc=43006572ae3aad3f
content-length: 3948
cf-request-id: 084869ce1300004a8694948000000001
last-modified: Wed, 26 Feb 2020 09:03:54 GMT
server: cloudflare
etag: "16f0-59f76e23b9b07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
accept-ranges: bytes
cf-ray: 6220df29b9724a86-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Mon, 15 Feb 2021 17:50:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
age: 71
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
location: https://www.conrad.ch/affiliate/banner/classic/120x060fr.gif
server-timing: intid;desc=acd1dc202d0c7965, intid;desc=846f65c268a25b4c
cf-ray: 6220df28cec74a86-FRA
content-type: text/html; charset=UTF-8
cf-request-id: 084869cd8200004a8623927000000001

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5188 11 KB
11 KB 111ms
42ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/21659/creativesup/1200x627_Aline.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 68454eb46a5dcf67b286a612483d2ac8c73512a448477fa9401606de426a8ca8

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11072
Vary: Accept-Encoding
Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4D72 4 KB
680 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e203332bdb8a0c387ae96935481aee57996419bc60598b9162b841d7bbd9ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 16:22:42 GMT
server: ESF
date: Mon, 15 Feb 2021 17:50:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Feb 2021 17:50:31 GMT

GET
H2

200

Logo120x60.jpg
www.adtracker.ch/upload/haushobby/banner/Logo/ Frame 4D72
Redirect Chain

https://cct.connects.ch/tb.php?t=116827V1507143181B&subid=71761100242143300710156011506017
https://www.adtracker.ch/upload/haushobby/banner/Logo/Logo120x60.jpg

3 KB
3 KB

34ms
34ms

Image
image/jpeg

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/haushobby/banner/Logo/Logo120x60.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: eb18d854b15239fc134d2015b2f97e5470e2030ee0ddfd8a8ad2360acb8896e8

Request headers

Referer: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
last-modified: Wed, 09 Jan 2019 07:40:16 GMT
server: Apache
accept-ranges: bytes
etag: "bc9-57f0192ac1800"
content-length: 3017
content-type: image/jpeg

Redirect headers

location: https://www.adtracker.ch/upload/haushobby/banner/Logo/Logo120x60.jpg
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: nginx
accept-ranges: bytes
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4D72 7 KB
7 KB 114ms
43ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/5217/creativesup/1200x627_Vika.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 0c05d15626c1f368097607b5fd1988b535f51bfad242bc8043cad906b220e98b

Request headers

Referer: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7290
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

Conrad_Logo_120x60.jpg
www.conrad.ch/affiliate/banner/logos_b2c/ Frame 4D72
Redirect Chain

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=71761100242143300710156011506017&pv=0
https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg

2 KB
2 KB

17ms
17ms

Image
image/webp

2606:4700::6812:d25f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6674a49a1ce0f1098025614223daf6d76c9c32bdfe76b3bcf1134122cb380c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
vary: Accept
cf-cache-status: HIT
age: 4908
cf-polished: qual=85, origFmt=jpeg, origSize=5461
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-disposition: inline; filename="Conrad_Logo_120x60.webp"
server-timing: intid;desc=05fb2f1df8af5fa5
content-length: 1606
cf-request-id: 084869cd8400004a869fa99000000001
last-modified: Wed, 26 Feb 2020 09:03:45 GMT
server: cloudflare
etag: "1555-59f76e1b8c5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
accept-ranges: bytes
cf-ray: 6220df28ded94a86-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame F31B 0
22 B 43ms
42ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame F87D 0
150 B 113ms
37ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=86781900196382800710164011506028&a=6f6d59f6&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900028.redintelligence.net/request_content.php?s=86781900196382800710164011506028&a=3cf9cfc5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame F87D 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900028.redintelligence.net
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 19:24:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:16 GMT
server: sffe
age: 167143
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Sun, 13 Feb 2022 19:24:48 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame F87D 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900028.redintelligence.net
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:54:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 561359
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:54:32 GMT

GET
H2 200 montserrat-v14-latin-regular.woff2
www.parship.ch/static_app/parship/ Frame BE2F 19 KB
19 KB 56ms
55ms Font
application/octet-stream 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/montserrat-v14-latin-regular.woff2

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.parship.ch
Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26153
strict-transport-security: max-age=15552000
content-length: 19172
cf-request-id: 084869cd7700004a9e728d9000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:17 GMT
server: cloudflare
etag: "6021235d-4ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6220df28b9a84a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pegtracking_combined.js Show response
www.elitepartner.ch/static_cms/elitepartner/static/peg_utils/tracking/ Frame D329 55 KB
13 KB 27ms
27ms Script
application/x-javascript 2606:4700::6813:fb79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elitepartner.ch/static_cms/elitepartner/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Host: www.elitepartner.ch
URL: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:fb79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e170994ff3cde2f7782920f2e6930fa8ab8a65949535b16e076d4c711573de94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28198
strict-transport-security: max-age=15552000
cf-request-id: 084869cd8200004abda7bc1000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Feb 2021 10:50:43 GMT
server: cloudflare
etag: W/"6017dd03-dd9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6220df28cd0f4abd-FRA
expires: Tue, 16 Feb 2021 10:00:33 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 5188 0
150 B 113ms
40ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=31603600207147300710152011506012&a=5be77b21&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame 75D2 0
150 B 111ms
39ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=15486100244936000710152011506001&a=a55e031d&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90001.redintelligence.net/request_content.php?s=15486100244936000710152011506001&a=a495ecc0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 app_combined.css
www.parship.ch/static_app/parship/6.29.1/css/ Frame BE2F 557 KB
65 KB 31ms
30ms Stylesheet
text/css 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/6.29.1/css/app_combined.css

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdb81519d1097a29a788257f0afa5c2029e07c37917dbf8b8a2cfb520e99071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26141
strict-transport-security: max-age=15552000
cf-request-id: 084869cdb400004a9ea3108000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:16 GMT
server: cloudflare
etag: W/"6021235c-8b4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6220df291aff4a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr_combined.js Show response
www.parship.ch/static_app/parship/6.29.1/js/ Frame BE2F 7 KB
3 KB 24ms
23ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/6.29.1/js/modernizr_combined.js

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c701c8c825388bce66e7b88ae648ead12d822eacdd527275122d13d1a97989cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26153
strict-transport-security: max-age=15552000
cf-request-id: 084869cdb400004a9ef83ac000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:17 GMT
server: cloudflare
etag: W/"6021235d-1d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
cf-ray: 6220df291b034a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 peg_logger.js Show response
www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/ Frame BE2F 11 KB
4 KB 16ms
16ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js?v=6

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb87251629b2b163de1d7f1d20c65453ac26170909770c044cedf7f63fb0673

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869ceee00004a9eac92e000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Feb 2021 12:23:53 GMT
server: cloudflare
etag: W/"60227ed9-2bdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6220df2b18db4a9e-FRA
expires: Tue, 16 Feb 2021 10:34:38 GMT

GET
H2 200 base_combined.js Show response
www.parship.ch/static_app/parship/6.29.1/js/ Frame BE2F 100 KB
34 KB 27ms
27ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/6.29.1/js/base_combined.js

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22e2d12b5bb8f9955039c9bc2b02308c176ffd7b3f93304d232076bcd51f7896

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869cf1b00004a9e60a5b000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:17 GMT
server: cloudflare
etag: W/"6021235d-18f72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
cf-ray: 6220df2b59bd4a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app_combined.js Show response
www.parship.ch/static_app/parship/6.29.1/js/ Frame BE2F 453 KB
82 KB 36ms
35ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/6.29.1/js/app_combined.js

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ca6ce09258cca5101ae2044572537e942d84b30c29212f9816a99d6acf1017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869cf4000004a9efea4f000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:17 GMT
server: cloudflare
etag: W/"6021235d-715cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
cf-ray: 6220df2b9a634a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ps_logo_2016.svg
www.parship.ch/static_cms/parship/static/webapp/img/logos/ Frame BE2F 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.parship.ch/static_cms/parship/static/webapp/img/logos/ps_logo_2016.svg

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d09315233f53e15bdb0ec1e963544ea950ad9c1d18accd6fe12b6abeb63d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869cf5c00004a9e799f4000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Sep 2016 14:08:37 GMT
server: cloudflare
etag: W/"57dbfce5-95c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6220df2bcafa4a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pegtracking_combined.js Show response
www.parship.ch/static_cms/parship/static/peg_utils/tracking/ Frame BE2F 55 KB
13 KB 19ms
18ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js?v=6

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e170994ff3cde2f7782920f2e6930fa8ab8a65949535b16e076d4c711573de94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869cf5c00004a9ea3139000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Feb 2021 10:30:44 GMT
server: cloudflare
etag: W/"6017d854-dd9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6220df2bcafd4a9e-FRA
expires: Tue, 16 Feb 2021 10:34:38 GMT

GET
H2 200 peg_external_modifier_combined.js Show response
www.parship.ch/static_cms/parship/static/peg_utils/peg_external_modifier/ Frame BE2F 32 KB
8 KB 19ms
19ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_cms/parship/static/peg_utils/peg_external_modifier/peg_external_modifier_combined.js?v=6

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4d24e9a5a27461e967bc44c8f16f7e050ea758d22463c59082c491ce41fe70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869ce6000004a9efba98000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Jan 2021 13:19:22 GMT
server: cloudflare
etag: W/"5ff85bda-7e8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6220df2a3e334a9e-FRA
expires: Tue, 16 Feb 2021 10:34:38 GMT

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 4D72 0
150 B 113ms
38ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=71761100242143300710156011506017&a=a9c7804e&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900017.redintelligence.net/request_content.php?s=71761100242143300710156011506017&a=cdb2c97d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 4D72 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900017.redintelligence.net
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 19:24:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:16 GMT
server: sffe
age: 167143
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Sun, 13 Feb 2022 19:24:48 GMT

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 4D72 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900017.redintelligence.net
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:54:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 561359
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:54:32 GMT

GET
H3-Q050 200 YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response
pagead2.googlesyndication.com/bg/ Frame 376A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 367767
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6263
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:41:04 GMT

GET
H2 200 nvi Show response
www.elitepartner.ch/nocache/ Frame D329 15 B
519 B 32ms
32ms XHR
application/json 2606:4700::6813:fb79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elitepartner.ch/nocache/nvi?url_path=%2Fcms_lp%2F16%2Fu%2Fht%2Findex.html&pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html

Requested by

Host: www.elitepartner.ch
URL: https://www.elitepartner.ch/static_cms/elitepartner/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:fb79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 6220df29f8af4abd-FRA
content-length: 15
cf-request-id: 084869ce3e00004abd128d8000000001

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F31B 42 B
89 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAaJomGrAhP_zoE1rZx8acxLbqCjR6IZ7XuH0nPeY9f6EqLf4dlwJmVuidd8922TDQ5vpyFCai6qj-9jeBiwG_BuZQedg5wa63ogtM7Twm6fRfounCMBzHd3s&sai=AMfl-YTs45TF5IFFC-oviyj9G6wv14_ho1rl17uh8ZP2FGlChcwiHfm6-lG6uohdjyieyIHoDmEUVRUzVW3g7bve0cP2A7CxYHb8EoiZqz0LBhzw-RU0w1p2X9OPLsjo&sig=Cg0ArKJSzBPvnewcnAiiEAE&cid=CAASEuRowXSDJ-__ckl2xxBQ2MozUQ&id=osdim&mcvt=1053&p=121,1075,371,1375&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1378114590&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613411430074&dlt=73&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D944 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkLGiZbQqYOS7KNDYtgeFvYy4CAAAAAA4AeAEAg&bg=!h4SlhMfNAAWP4B5EjzsAKQB2-DxaaHSdok88U7sjcC4flzrSWmu_bCARi-80Hgz65VKocJ5GdPrKAgAABL5SAAAAgmgBB5kCcEO_l5-XVAOR6EoRvLHCKC4fsWjHS5sc4vcVhf7NOOMp6sySI-uDTMKC3EHEjTZrxv2dp2VaFrZYa8A7rihdzbkMC8H-qRfqN5rqo8m43nOHOgtguQjL0soc-G8feYN6fFhR3ioOCWFswXvmjyVgAew1h-fOriZDkcWmP7gPWNjhVqIjOS89ZrPCNMt4BJndkuwEDKr1P7-hCMkU5cHdpgXGgPLQG5EoexikoTgwiop3r09mjemBmrTqfuAxrwXRlbPtXdjhJlXZqKsHYpMCjMMMjhQKni3fYbkI-klY0oACaL9niZuj9EnlUfe8DqTli2TEtD2CYFJxnLs4_JzQHiRJCCU-6tbkLjwZBF43VCTmk7oepP90bsPnuYiyt5H47lriJUbRdxXMMu8eK3SiTUgaFEgRDrNTWXAun8KxLu1XpzY2AJI7wc1cj3axkU59whysKBHN5DaBTbWvfSIY4DcpcXtV2Hu84g6OmSAmybQI_CYWIdjl1QdKU_5gqFBd0sA5UW80uMSDE18RV8IbED8qU613SyLntJ5FWuvJsD3KK48TUKGd_OnITWMGeLrZsnJ5M3Ap10nW0c15Xi6nDkbWT_bAcru8jHizoIRVU-GbtQGojZfiERZiTlAOTx9S29gIUBtmgXB2DaXbwIJBNEDEXxMGXRavYx2krH-F9q-F1MOnghW_wkfxHhir5h-uZ8ySx6HTkdHXRdwtLf8eO5G-3r_QaKbPxGMlGNw3aO00xbqrputb5i3jIVRRsOborA1SfkMyf6Gqfyzno8dmtvEW-oCAZr4o94nCDcQsyLgEueyQXhl_bOahIbS-Jlp4zg

Requested by

Host: 0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
URL: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6834 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B29qmZLQqYP6VGcWo7gOe75TACAAAAAA4AeAEAg&bg=!EBOlE1DNAAWP4B5EjzsAKQB2-DxaRa7wO6Lpbv2Bz-_4IrYWGyO8dgE0rFe48yKbK_LbXmDyQESQAgAAA55SAAAAYGgBBwoAMoB008N8JV4MtYCWXUPQbPZjEbYlfFzssQnXaueJUilBlAP6xL9f7JXihfxCB5A3obXQmQJ4f9C_bsaP2dGL8bJX1jioSwLulcXHMLux8rrzYKPzVwy2QKT8m2itFrWvbrUS-RfuPbWhGqKRZGxbT-BnseOL3vmLdG2glME3q9lGsoDn_VMWuHPw1E5SjpJPrtvs2hrxY9qN-wZN_GaiqbydjhKOokYZ2maRWnyty9oLaiNh4IVMqBONNc4V2yp5-4tH8sx3oSa6nlw_AFmhO1Pvq7OBA-Id6YRMErlE2nI63CpsJ0LhnodWTc2DnmDlCqLkFpFzlQdG7Mu1BCLvTEo_UaXfUizXdf3aRXBhI-benBzj5Ykaq3EMBejrK2DSV8m6MXpThgwk2OTTScz_h8zzwiga951ev0IiEOZup_izWlkWq4SKgYib_eBZJWdxFrS8ATOBzQzibUr1KilfqKqtPh_2d8ZHY1TkHznDwkJqQY31ZO-EgFFSBsWZtcP6FLgPgyBw52qLLfuVi0A41AlCu-mROmN_mSLDWvkKihFzAeNkKRQoKkJ-lzs_Cp4TADOrAMuofa1rHAzyYnO6W_wxb8KwKC81avpEwBmO_SQF0TjcjlpjXCgae0tjEGR1ITx-4ATZyv7nqNas7-6qCraW5EBoaNLepwzfDHAqowqZB6aAw8ZUhk0NXZWglUZLYYVQZWpOY6_dGWgB82g-EbvQSDFJ_YjfD2HcMS93fVLXPkFyEX48BAv9E3YGjOEA0tITjiBf2CLsHzlQzr9YgiqbfEaS7lvDp1--vhwkxIfGnIvrEnmV8u-r5Sm423k2UPFzlPnJ-c9rQD5jABytog5HP7aWRuH5EA9nRzth3f6L67gRcc8XeaGxeLuxEqBNiMMYjTLAj5hGtGgPt1M

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon_x.svg
www.parship.ch/static_app/parship/img/icons/single_color/ Frame BE2F 534 B
375 B 29ms
28ms Other
image/svg+xml 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/img/icons/single_color/icon_x.svg?version=6.29.1/

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

604acbdf7e7820f9ac582b0352c0e0faa61b0b455e4658c2d87bfa61c5512dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869cf5d00004a9eac93d000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:17 GMT
server: cloudflare
etag: W/"6021235d-216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6220df2bcaff4a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_warning.svg
www.parship.ch/static_app/parship/img/icons/single_color/ Frame BE2F 1 KB
680 B 30ms
29ms Other
image/svg+xml 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_app/parship/img/icons/single_color/icon_warning.svg?version=6.29.1/

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3479dbcdc4d6d4b32090a258d88ac982bb0d714dbb574211d4ac7146b2b2be78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26154
strict-transport-security: max-age=15552000
cf-request-id: 084869cf5d00004a9e6b164000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 11:41:17 GMT
server: cloudflare
etag: W/"6021235d-432"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6220df2bcb024a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F94D 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO_FQZbQqYL7DKprKtwfrjafIBQAAAAA4AeAEAg&bg=!RUalRgXNAAWP4B5EjzsAKQB2-DxaN9F6Vk_4dloyl8T49Iam3WgJ9ewbg_JO9AOold3bpp0Qs4b0AgAAA_dSAAAAWGgBBwoA3zmDWIc1KpRZUOpKf65Kk9vseFlWsfhF3xLzvRGHaCp3NTAEQeYpOMwI-3gQnwAn-Pe8O71_njDtN-cVFDBGgi_ZRhYfd8VFmRujcq2qC3pgBum92woo_o7yMjzIQpMDDAmFjzkKgt2cXr7lPDTqjN-6YqAiqCR6dErDvBWl716svy1bLFck-prObRPTJRrkcS6Ei-JF0jRFVmx_mKnKjCgFOlvJ53ljPpnCuMvhWorswAKt34t9UWU-39gSHPvx7P0OiNRcI9midY7vibTr25T9Y88twDWiUzVXFqp2OCCZAnAvuGVhsnBll5hV6awH2DazikyNzexoS54s2Up0ir6GHwk4Y0iOMIKx-LadlGCCB-Ri-USOEt1Xao2FSo5dfZ4DvRp4nW3rIzXMc-cKCU7RUGMIwLLY1DjpD4-q5RfPxwjLqlp4ZgHYNknlAewYmcaT1MfyMEukhvb_ZjYiGBnNVFUiuUy2ljw7xqiN1ESx87Pk7O-36aDQ1DtAv51SN_U632twVXlkT8A9IJpQeMqXDtkIgTU6wb77RdlJ8YuWkZ4ImZKyvrFJO1GL22MOr8qc__pOYE22IKRJ95Xl0y1yrl7l7lreLKPoAcl6FMeJHCwlb9hty6mR4s0m9DD8tUq-3kuWpveVkXagY87dW1C3au-RjKi1LouXbQ4wgF5iURrfbCtOPCxsbeDQFHMP2hS4HFke-TPHjs06ydYnCvVi9UFDkRrEMqUnVvJ3vpYKB3C8I-WszX9kbSbOqXylDA22eoslUfWqRs4fNgplFjHv0EyPt3iNo3bBl9DnJF90bu__dW8cQ2D3Jk2lSIaO84TvDZ6KkFwv6znGiDxcuaHdW-2YaAHMGy7aOgi_O58AruT22RT-1l3odAzwpOLeU4oaT7XNiZIO8TAqYs4j0RJj9IRHMC7k0zNAcdsJNz3KwO58olptBVHGMJD7aSmKZuoSOQEhMDQ7Waed7t1ZDOkORyKOCPM3pfjqIrM2GdeIuPpeWg38YdjnhnQTQ5bktOWeXVO9NqlS15aIFief8loScgcNB6Rg_YAae_SFFTlNEBCwWbdeNvHSze_vJ7rqORh_FaYZTkUiqPPMEgCSubCK5jIgNS_RDBm5Fma4Hbmo7sc

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EDDF 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTVPmZLQqYICWGcWo7gOe75TACAAAAAA4AeAEAg&bg=!CAulC0jNAAWP4B5EjzsAKQB2-Dxao2ZRxLEYGwvNFLVCXUFNOl_xsBOcvrnZjzDNlZFhh6KW3zLkAgAAA9xSAAAAfGgBB5kCbWvDKAoJfRj6HMVscC3vIKBqrIxxsqEl8QLNu2IotDN8F7vNg2mrqL3F4AGJTrpeFxYcCTXJDybl1kgEiqaullH57hSkt2x5gn_C_MGx_TM2uAM28T1Z3M1rmIOqV3kZW-YJKLxOck0OtxKl0aY8hMU5V6xIpCGsJ9uAz33SvWQ2aXQs0MN2jdnV6NMCQk42y-R5Ts-vV3MOP5HpTOS40jL76aeq1-lM20TfQcW-Z-AcClYr9YemGtjUIyvCg_EjlEHtcfxkrgsuBJAqdnMx1GciAvWUmqYsn-imp72CvPP0FvFMjgyBkJhJgIKwD_eIUQCexS_4CQXkM5515qBoG5UZTqK64sVpZq83iX4CJWk1oBFjIjgHKDcBcCS5KasR8PmZwFt9DwJx7sCsuUGqAf-EzGbhgYX--RGZ1ABl_f5Druc13PAcS3gYUNxuxuwcpLfIcWIVkWMfgEuQWQyPCVdlNP0HDvj0zaKahj9OdPN-NTjXM6UTekTrJ8pUpBgm2W8TrMmfi7vrt0b-LbSCk7coP88c8pJN2R8Ag5_lm5v4z37CyU5Q83vdtolFyNxduQv8SO6hVY-mtCtPKzhgZEN9NAAAvumm-CWH9TrmbPGnMdHOcXtZUStLh0R2pz1Ya-OI4KNgd5Q5UJqfiS97V2dmfa7PxSuN2vNrA965v5jBU2kUKxepAiviyTwxKBJcppWaFhwbWgf6tJfSfmlsTFIzTcy7ndCuOFyGaeUjXbvCCIDeTYhCEa7abu4v6KggJa4yywnvBHoj0roe9vpL9Xmgw_vdKiTvq5d9ijA5cO_L1xNwTHBj6vi3Oh9IGQ

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9112 42 B
66 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvx0DJhFUOFs9Tgtgiz5vD8OpbAS_oQz0oEjoPHdZas213rh3RH12AkiKgDR7968Jp-oN9hgEPERyUYui9QI7OYUOVbEbIvmEQRHlD6DpSbycQC&sai=AMfl-YT-YNLDAkIuYqSHOmegkXu1btD-wyxGSNx99iof2HOH-hg2mbITDfNnbWpjA9e0pNYh3DM0IiSK74H6i9FBtmO8xMkkaCbsttGj7I6jXzM9Wp3CLD0d64mFRuC90w3Y&sig=Cg0ArKJSzAOUhAAdUt0zEAE&cid=CAASPeRoVRkKb1TiSC-RlGAHCVDfynMw_glRGLHcdz59eagE6lHUwWYvm2EB7168jpSVKxMU7Jb8B9Y0cuH-to0&id=osdim&mcvt=1056&p=974,276,1068,1004&mtos=0,1056,1056,1056,1056&tos=0,1056,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=3936664330&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613411429442&dlt=34&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C326 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhI2JZbQqYPXSK8OP1fAP8uWv4AsAAAAAOAHgBAI&bg=!1tWl1ZbNAAWP4B5EjzsAKQB2-Dxa5Fjwmqt7OFwt7YSYcqq4OYT4exqgFd-YWNBx93G05dd9pyR1AgAABDFSAAAAfWgBBwoAZPgkXJg566_gvMjOzVaIBF0yGn-D0VImAbDndhltDF_x2ZsZYR0FSYqGDshNm7hedxXaorpk-p1MWGJzUbZHc9de_ZOWKLLy2zKAD4g03oTlzE9YmnEvKcDQSMffRVlOI19R716ZAmkilyEHsYaVHpMCzXwA3NYl2BkdbVvhK6QDoOLsVSuGRqiZwaPTanTmnldu71aWoHfdoHSKd_mG0Fk1nnUJviED1evS2RUj2mVyL5j6muGgOnPuPAlBwMwtkVR0GTWLUsMEVD41_8QnX2jll9VeZzYIeN21r8CDdfMp9v9uDN35kT9oK0_OUvnlzItmZV9l9Q7uFICVdokCo7mv8q9g37j17WWEfQoM_EKGEyGVF45mnsayo8yFPuPqT2My6Ye7LgIrG4gb_DeNt3Mm5J5_KDYkZSGP_5M1Wi741yj00MLI4i0Dxm-KLVkXmlcBIALHJ_bVvwj92BYWkEJFxYUc-c1EfJm7cuHUNvBtSV2C7LFett50mm5v9R5B9TVn8py3jNsNoUjwnMSaJTuVZNpL0F9uKAgK-97dTTxipCoL2vs8RCsXuQhTdzuAbNvIm4buvBEbMUkDCkuGV1oLWofvxnUhngyXbknGK4j0T5yVFQw81KzdnP2zbN7sDyKNDkv1dYpKntlU9PI1FZIkxlsMJfk_p0jraDr8r5b_N8YmrE6ZsCzNwEGgiN-HbCD9-HpIjpSVSDL9R92p3b1VBYoRTLddeksSb0pzGLq2cjqK29E-b7OkCai_qffdfodi8siyqM1KPU_q4fyRLN6MA2dOtI0fye4nRcXCzpdzEBd0KVmUpa1G7RUL5ojmpyxvJ_5hW_u0F6NH37MR1fYZ_E-8ePfu3hWHLfes8RVvTrDqjZH5VYJgs-T63hxrlejvtCewe437fBaKF7s3nZOQyaCB1LBVC9Qaw1K2aqCaHycu-ZH7y6undif_0Yj-3Q

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F87F 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5nm7ZbQqYKf1LPjM1fAPyo28gAYAAAAAOAHgBAI&bg=!h4SlhMfNAAWP4B5EjzsAKQB2-DxaKXW9MsFQszVvHwfwRFlxZS1r2oPqhD9O1TZjOf8RGf6NkJpqAgAABAVSAAAAfWgBBwoALECNKtAMdXZ4MU5-oKfu0sfcu0VnMZMOnoBNrlBN553lH2D8P9Z7HJOcRovXmQJ38e5zBVpFgeomQZnf0_fAijhbFlBcia8u4g1EU0IxN6t393XyU6f3fxUoJwwaE0_sS8Vm8O2yAmAzEX9aS6sAT-Q2dHAGmXKYRmDy4q-lsQeIDFxl3nLwhmIN1ZEqSlSblUXvVN4gcHG8s_cDaidM6y7EMXE8iBhRg7OdtElGeP04B3covcxycybz5N_TL2Bs6hqYWrU4HSjMgpHlNQWo4nYl3qAAVafwyrdr8luih_s25DuLrd5vvJ5PkKnn_4VWEZ9zmEWcSmUMn7Vmp_c2rj0b9pHhUXdDCVKcJpMqYYnu2sUiM-4U-9-2JTYUIZE5u6s2CO8r5BCYY_uk6QZQQdnXYNUHYpZUgi4mc-R1QlddxSOzDT3WfSiUsflTdu2Pf_eRG2fEM_yWlwo_5Z7WJ-Kpgf4WMuGKNxCFK-mhpZUn2OcjWj6b5KEo1Rfl-nyAklSv8Yc6vxrgdJ0gXPJPhbYgGndKl_xle-IWgncSywVd1ZLkbUDipyVnp0DTlIZl04pBO12njgCRM8wSITJ8nA4ydviKytbLLipyYH6NWGRfRtv86Q1AHhQHDO_lkt-B7-3sCVH3aBudivwyiZQ0AUyXqTf6vhZidX2iG3zYBgM5qJnDrMfSfC-xAQYLOG7eSBu5n0wBwgE34NLYloFO9JeAqwQj52DySAz9KOu2s6bX6bUGL7NfhIeajsjC1RBYAYzeMQq0SExrGp9Eg-ZQa4_QqifNmR47JbEioz8LMSOtAF1MA7Fd3u0L8-Mqs3-4Yla4RGC5IY1p4j9k8-DVTPVECrZqDrDF2fIH92txUkaUUoKBcovqbK6A7fqwxVfUvnOAVSsipw

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dynamicconf Show response
www.parship.ch/common/ Frame BE2F 2 KB
4 KB 56ms
55ms Script
text/javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/common/dynamicconf

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/peg_external_modifier/peg_external_modifier_combined.js?v=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36da81ab1dd73219eee2f1caaa914c7fc4a3b6fa4104fb086e459d28c0906f5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https:; upgrade-insecure-requests; default-src 'self' https://.googlesyndication.com; connect-src 'self' https://.google-analytics.com/ https://.facebook.com https://.ioam.de https://.taboola.com https://translate.googleapis.com https://.doubleclick.net https://eum-eu-west-1.instana.io wss://mpsnare.iesnare.com https://logx.optimizely.com/v1/events https://www.eharmony.com/lane/ https://s7.addthis.com/l10n/ https://eharmony-app.quantummetric.com/ https://yoast.com/feed/widget/ https://m.addthis.com https://.googlesyndication.com https://connect.facebook.net https://.usercentrics.eu https://api.personio.de/recruiting/applicant ; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://assets.squarespace.com/universal/fonts/ https://static.squarespace.com/universal/fonts/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://.custhelp.com https://.ioam.de; style-src 'self' 'unsafe-inline' https://www.parship.com https://.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://s.po.st/static/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://static1.squarespace.com/static/sitecss/ ; media-src 'self' data: https://mpsnare.iesnare.com https://assets.eharmony.com/files/us/images/careers/ https://www.googleapis.com/youtube/; prefetch-src 'self' https://.googlesyndication.com/safeframe/; frame-ancestors 'self'; report-uri /ls/
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
content-security-policy-report-only: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; default-src 'self' https://*.googlesyndication.com; img-src 'self' data: http: https:; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://eum-eu-west-1.instana.io wss://mpsnare.iesnare.com https://logx.optimizely.com/v1/events https://www.eharmony.com/lane/ https://s7.addthis.com/l10n/ https://eharmony-app.quantummetric.com/ https://yoast.com/feed/widget/ https://m.addthis.com https://*.googlesyndication.com https://connect.facebook.net https://*.usercentrics.eu https://api.personio.de/recruiting/applicant ; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://assets.squarespace.com/universal/fonts/ https://static.squarespace.com/universal/fonts/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://s.po.st/static/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://static1.squarespace.com/static/sitecss/ ; media-src 'self' data: https://mpsnare.iesnare.com https://assets.eharmony.com/files/us/images/careers/ https://www.googleapis.com/youtube/; prefetch-src 'self' https://*.googlesyndication.com/safeframe/; frame-ancestors 'self'; report-uri /ls/?reportOnly=true
p3p: CP="ALL CUR OUR STP UNI PUR"
content-type: text/javascript;charset=UTF-8
ownerid: 40
server-timing: intid;desc=a817a31585f5a565
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-language: de-CH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https:; upgrade-insecure-requests; default-src 'self' https://*.googlesyndication.com; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://eum-eu-west-1.instana.io wss://mpsnare.iesnare.com https://logx.optimizely.com/v1/events https://www.eharmony.com/lane/ https://s7.addthis.com/l10n/ https://eharmony-app.quantummetric.com/ https://yoast.com/feed/widget/ https://m.addthis.com https://*.googlesyndication.com https://connect.facebook.net https://*.usercentrics.eu https://api.personio.de/recruiting/applicant ; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://assets.squarespace.com/universal/fonts/ https://static.squarespace.com/universal/fonts/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://s.po.st/static/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://static1.squarespace.com/static/sitecss/ ; media-src 'self' data: https://mpsnare.iesnare.com https://assets.eharmony.com/files/us/images/careers/ https://www.googleapis.com/youtube/; prefetch-src 'self' https://*.googlesyndication.com/safeframe/; frame-ancestors 'self'; report-uri /ls/
cf-request-id: 084869cfbb00004a9e5a0f0000000001
instanatraceid: a817a31585f5a565
cf-ray: 6220df2c5d044a9e-FRA
x-content-type-options: nosniff
expires: 0

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame BE2F 23 KB
9 KB 49ms
32ms Script
application/javascript 2606:4700::6810:9cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 713695d49b59e0d89b1b471813448fa835e896b2846220880ed2e51bd53ea832

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 9 Feb 2021 10:11:51 GMT
server: cloudflare
age: 501681
etag: -329215522--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray: 6220df2c7ef805d8-FRA
cf-request-id: 084869cfcf000005d8ad83f000000001

GET
H2 200 cookiebanner.css
www.parship.ch/static_cms/parship/static/peg_utils/peg_external_modifier/ Frame BE2F 744 B
667 B 17ms
17ms Stylesheet
text/css 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_cms/parship/static/peg_utils/peg_external_modifier/cookiebanner.css

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/peg_external_modifier/peg_external_modifier_combined.js?v=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5699813baeb7c890c710b525ef745258c14aff63a429dc2d8afe9b765a9beedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26142
x-cnection: close
strict-transport-security: max-age=15552000
cf-request-id: 084869d01000004a9e7cbde000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Jan 2021 13:19:10 GMT
server: cloudflare
etag: W/"5ff85bce-2e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 6220df2cee944a9e-FRA
expires: Tue, 16 Feb 2021 10:34:50 GMT

POST
H2 200 /
www.parship.ch/bd/ Frame BE2F 0
3 KB 51ms
50ms Other
text/plain 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/bd/?1613411432462

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js?v=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https:; upgrade-insecure-requests; default-src 'self' https://.googlesyndication.com; connect-src 'self' https://.google-analytics.com/ https://.facebook.com https://.ioam.de https://.taboola.com https://translate.googleapis.com https://.doubleclick.net https://eum-eu-west-1.instana.io wss://mpsnare.iesnare.com https://logx.optimizely.com/v1/events https://www.eharmony.com/lane/ https://s7.addthis.com/l10n/ https://eharmony-app.quantummetric.com/ https://yoast.com/feed/widget/ https://m.addthis.com https://.googlesyndication.com https://connect.facebook.net https://.usercentrics.eu https://api.personio.de/recruiting/applicant ; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://assets.squarespace.com/universal/fonts/ https://static.squarespace.com/universal/fonts/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://.custhelp.com https://.ioam.de; style-src 'self' 'unsafe-inline' https://www.parship.com https://.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://s.po.st/static/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://static1.squarespace.com/static/sitecss/ ; media-src 'self' data: https://mpsnare.iesnare.com https://assets.eharmony.com/files/us/images/careers/ https://www.googleapis.com/youtube/; prefetch-src 'self' https://.googlesyndication.com/safeframe/; frame-ancestors 'self'; report-uri /ls/
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https:; upgrade-insecure-requests; default-src 'self' https://*.googlesyndication.com; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://eum-eu-west-1.instana.io wss://mpsnare.iesnare.com https://logx.optimizely.com/v1/events https://www.eharmony.com/lane/ https://s7.addthis.com/l10n/ https://eharmony-app.quantummetric.com/ https://yoast.com/feed/widget/ https://m.addthis.com https://*.googlesyndication.com https://connect.facebook.net https://*.usercentrics.eu https://api.personio.de/recruiting/applicant ; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://assets.squarespace.com/universal/fonts/ https://static.squarespace.com/universal/fonts/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://s.po.st/static/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://static1.squarespace.com/static/sitecss/ ; media-src 'self' data: https://mpsnare.iesnare.com https://assets.eharmony.com/files/us/images/careers/ https://www.googleapis.com/youtube/; prefetch-src 'self' https://*.googlesyndication.com/safeframe/; frame-ancestors 'self'; report-uri /ls/
server-timing: intid;desc=fdc002b0dde40e81
cf-ray: 6220df2d0ef14a9e-FRA
content-security-policy-report-only: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; default-src 'self' https://*.googlesyndication.com; img-src 'self' data: http: https:; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://eum-eu-west-1.instana.io wss://mpsnare.iesnare.com https://logx.optimizely.com/v1/events https://www.eharmony.com/lane/ https://s7.addthis.com/l10n/ https://eharmony-app.quantummetric.com/ https://yoast.com/feed/widget/ https://m.addthis.com https://*.googlesyndication.com https://connect.facebook.net https://*.usercentrics.eu https://api.personio.de/recruiting/applicant ; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://assets.squarespace.com/universal/fonts/ https://static.squarespace.com/universal/fonts/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://assets.eharmony.com https://assets.eharmony.com.au https://assets.eharmony.co.uk https://assets.eharmony.ca https://s.po.st/static/ https://maxcdn.bootstrapcdn.com/font-awesome/ https://static1.squarespace.com/static/sitecss/ ; media-src 'self' data: https://mpsnare.iesnare.com https://assets.eharmony.com/files/us/images/careers/ https://www.googleapis.com/youtube/; prefetch-src 'self' https://*.googlesyndication.com/safeframe/; frame-ancestors 'self'; report-uri /ls/?reportOnly=true
content-length: 0
cf-request-id: 084869d02400004a9e840f4000000001

GET
H2 200 nvi Show response
www.parship.ch/nocache/ Frame BE2F 15 B
552 B 82ms
82ms XHR
application/json 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/nocache/nvi?url_path=%2Flp%2Fv00%2Faff_c.html&pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

X-INSTANA-T: 933957126fae6dd8
Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
X-INSTANA-S: 933957126fae6dd8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-INSTANA-L: 1,correlationType=web;correlationId=933957126fae6dd8

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 6220df2d0ef94a9e-FRA
content-length: 15
cf-request-id: 084869d02600004a9e219b5000000001

GET
H2 200 tms Show response
tms.parship.ch/ Frame BE2F 15 KB
4 KB 120ms
37ms Script
text/javascript 85.239.105.10
HLKOMM 04107 Leipzig

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.parship.ch/tms?cid=1421&m315=j&v=6XLQ6eHN28%2FC18zX0%2Bis2eK13ZR%2FkKu3zbXGuJGaY%2BLJp83C4uXR6M%2Fe4L2DrJXfztJ1kYXlzuiwxO2%2F39dnqIXi5dHoz97grpCQZtTa4N7i09LTkIqDpqOKlZK31NDTzuJtn5u95ulz3sTk7Njd2Z3RqZCQZtTa4N7i08ze477V5OyKo5KWrYWeh%2Bm%2Byuu66OKqkJ2U39nm3OPiqtvJo9vM5eLk49uRmnLQ6eHN28%2B%2FxtHZ2tWyypuAkbaKkI%2BU3t7qi6mQseDTqIePlNvi1dfTkIqD4uaKlZLI18%2FR1dW%2FzZuAkZd3tMjk69%2Fm2dDVppOWipmTppvt&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&timezone=null
Requested by: Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.239.105.10 Leipzig, Germany, ASN16097 (HLKOMM 04107 Leipzig, DE),
Reverse DNS
Software: nginx /
Resource Hash: e8917955beb110a600b9196c614945d6c1a4df8f10a6d07347b4952f46ed3252

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:25 GMT
content-encoding: gzip
server-id: 11
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
content-type: text/javascript;charset=UTF-8

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 376A 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzoi4ZrQqYLa1GYrZtweukoeQBAAAAAA4AeAEAg&bg=!Tk2lTQ7NAAWP4B5EjzsAKQB2-DxaEqNsZ9hG1j8qSVc7DHpMP1U0qPigM2gxPqctcJmfmMFdUJp7AgAAAV5SAAAAHmgBBwoAFk3uAUh49L7NUoVR1PVfL51m0-iywcKZAnedYsamOLqc3sA6kNojkYRkd7p8xGv7frrOf27P3MWaUP5ydzZdcT1Qw9V-bdXmRcLZa38u5JScxL8OuRcwvk7JG7d5vwdubogLyJMie_-mYexQx9JuqogTai9QP8rWeHKXG4Hg9tT27me9LqDo25LY5NLnY06cvU7LtchnV2yf-Jy2Tbvzt7gRAtGDuB13toGIc1G1fDGRHRQaTOsFidW92ktwIUJY_yfOdwpWU7qhj5brWP2xCmqbnShcVxiCqz_05xkp2KMCVkAcrN5_8RYnq3aK9C5WkifY501-Csun6b-UdQJBqNbvLD6DYqMdWmHU6giEWIPpWCDnKSJhwwFQbI1LTrl8o90rHc71f_4kUh-eUNQJz3NOhaGoA7x2fiVgtGjNxNLJhHVXMWspyiCUc9k8J0sGBP2Xni-W0tpcP3t35GO_aQ4ayHf9XYR4-4rwaKSRjlB-Fyale2ixPIdFIN9yb7jmqV-deyd3ZdFroBm0tSWmSLLBkXOcE-OksiAoKuYoaKkpkagfs3f5x-aZcRQmT-N7B0HcUvp8-any0Om6il48YG3BY9iXy2o-04upIjVb8VD-rekiuIJjIHbWBqrt3xR_RBM3EHhCqthFK21b95MsbWNe4Qr-7e4nKsDjAbUYxa75GvfHlG0XH9DAe27ppbuz0QxdEmXQfLqE4xliDRrv807NadWqP54cq05JVx-9UqjOr5XoBMXdxG41XApRjkJyaFkNceotpqSUtoJWHoPqxt6bWp9RSXBPqoPABVZeMHwEAbrREzyuNq-wqVDEthzTG43zM3QgNWe-U7xaWX3UQ2hFQww3UjuJpW7VMNoTPc6F

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
35 B 101ms
99ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1869437063&e=e&n=6797862895930837&abc=0&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&cae=0&cb=0&cdid=player-1&cme=0&dd=1&flc=0&fv=&ga=0&ipv=0.4.0&lng=vi&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FAwMtC3La.m3u8&pbc=1&pd=2&pdr=&plng=vi&plt=3750&pni=0&po=0&sp=0&st=230&sa=1613411432679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
63 B 101ms
99ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1731994431&e=pa&n=4246836673558125&abc=0&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&bwe=1000&cme=0&fed=Sg3n3cge&flc=0&lng=vi&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FAwMtC3La.m3u8&pd=2&pdr=&plng=vi&pni=0&pr=7&tb=0&vd=30&sa=1613411432679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 104ms
102ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=777731072&e=s&n=1693362489434986&abc=0&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&abm=1&bwe=1000&cae=0&cct=0&cdid=player-1&drm=0&fed=Sg3n3cge&ff=290&fsm=0&l=2&lng=vi&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FAwMtC3La.m3u8&pcp=0&pd=2&pdr=&plng=vi&pni=0&pr=7&q=4&qcr=initial%20choice&sbr=430&sp=0&strt=300&tb=4&tt=1&vd=30&vh=180&vs=5&vw=320&sa=1613411432679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 32ms
32ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

649c5a9b94b940ac3fb0be1c806b04bf3f05214ac18fe9b49f683193cd1b3b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6482
x-xss-protection: 0

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame BE2F 97 KB
39 KB 46ms
32ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-977979790

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js?v=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

593b5ed44251396a7e684097782e5f5a2b24fff33e4c5ad2aa4eaf9f47f7cd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39104
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Feb 2021 17:50:32 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:32 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9E0F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 15 Feb 2021 17:06:52 GMT
expires: Tue, 15 Feb 2022 17:06:52 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2620
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame BE2F 97 KB
38 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-994922925&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-977979790

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a41a85ec967001520ca11a2c317a09dc322d16d00faf4af1d4a75b4de0aec0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39109
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Feb 2021 17:50:32 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame BE2F 97 KB
38 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069752015&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-977979790

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8e3333b478cb83b318b8df4f84751af745593a1fc8cc59431e980fa4da23d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39103
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Feb 2021 17:50:32 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame BE2F 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tinthethao.com.vn
URL: https://www.tinthethao.com.vn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1831
date: Mon, 15 Feb 2021 17:20:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 15 Feb 2021 19:20:01 GMT

GET
H3-Q050 200 l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E0F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 14:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 12094
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6254
x-xss-protection: 0
expires: Tue, 15 Feb 2022 14:28:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame BE2F 31 KB
12 KB 50ms
49ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994922925&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

876cfd75830546cc2ba6a38213b34365cc42903e1971862537b1ababd3f77561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12364
x-xss-protection: 0
server: cafe
etag: 16447433377505682064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Feb 2021 17:50:32 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069752015/ Frame BE2F 3 KB
1 KB 158ms
158ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069752015/?random=1613411432908&cv=9&fst=1613411432908&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dpage_view%3Bdata_psc%3D%3Bdata_lp%3D%3Bdata_red%3D%3Bdata_tfd%3D%3Bdata_pte%3D%3Bdata_oty%3D%3Bdata_pda%3D%3Bdata_st%3Dplatform%3Bdata_ut%3Dfirsttime_visitor%3Bdata_rgid%3D&frm=2&url=https%3A%2F%2Fwww.parship.ch%2Flp%2Fv00%2Faff_c.html%3Fpscode%3D01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&tiba=Partnersuche%20mit%20Parship.ch%20%26amp%3Braquo%3B%20Partnerb%C3%B6rse%20Nr.%201%20in%20der%20Schweiz&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2253fe3333813956d7c9fab728b3662769301312193fdeced6806e34503ab51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994922925/ Frame BE2F 3 KB
2 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994922925/?random=1613411432911&cv=9&fst=1613411432911&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dpage_view%3Bdata_psc%3D%3Bdata_lp%3D%3Bdata_red%3D%3Bdata_tfd%3D%3Bdata_pte%3D%3Bdata_oty%3D%3Bdata_pda%3D%3Bdata_st%3Dplatform%3Bdata_ut%3Dfirsttime_visitor%3Bdata_rgid%3D&frm=2&url=https%3A%2F%2Fwww.parship.ch%2Flp%2Fv00%2Faff_c.html%3Fpscode%3D01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&tiba=Partnersuche%20mit%20Parship.ch%20%26amp%3Braquo%3B%20Partnerb%C3%B6rse%20Nr.%201%20in%20der%20Schweiz&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81c260f6e9ff90472c2edc4e440cc8dac22308c68ca7a09344d2c02ff8cb7d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 5188 0
150 B 103ms
35ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=31603600207147300710152011506012&a=5be77b21&vb=v
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=31603600207147300710152011506012&a=91dcff08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:33 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/994922925/ Frame BE2F 42 B
119 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994922925/?random=1613411432911&cv=9&fst=1613408400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dpage_view%3Bdata_psc%3D%3Bdata_lp%3D%3Bdata_red%3D%3Bdata_tfd%3D%3Bdata_pte%3D%3Bdata_oty%3D%3Bdata_pda%3D%3Bdata_st%3Dplatform%3Bdata_ut%3Dfirsttime_visitor%3Bdata_rgid%3D&frm=2&url=https%3A%2F%2Fwww.parship.ch%2Flp%2Fv00%2Faff_c.html%3Fpscode%3D01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&tiba=Partnersuche%20mit%20Parship.ch%20%26amp%3Braquo%3B%20Partnerb%C3%B6rse%20Nr.%201%20in%20der%20Schweiz&async=1&fmt=3&is_vtc=1&random=3249961414&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/994922925/ Frame BE2F 42 B
135 B 22ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994922925/?random=1613411432911&cv=9&fst=1613408400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dpage_view%3Bdata_psc%3D%3Bdata_lp%3D%3Bdata_red%3D%3Bdata_tfd%3D%3Bdata_pte%3D%3Bdata_oty%3D%3Bdata_pda%3D%3Bdata_st%3Dplatform%3Bdata_ut%3Dfirsttime_visitor%3Bdata_rgid%3D&frm=2&url=https%3A%2F%2Fwww.parship.ch%2Flp%2Fv00%2Faff_c.html%3Fpscode%3D01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&tiba=Partnersuche%20mit%20Parship.ch%20%26amp%3Braquo%3B%20Partnerb%C3%B6rse%20Nr.%201%20in%20der%20Schweiz&async=1&fmt=3&is_vtc=1&random=3249961414&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
152 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021001&jk=1962937288070972&bg=!m5ilmNvNAAXRs2QT0TsAKQB2-DxaEtUKMVSxUMVoun3su9g7VLdH4xmfny7YEaj_gJnyu_GRkDMWAgAAAJlSAAAAFGgBBwoAzrblhgDluYFyNadjpIqpnjgWXal2zK0vmewPwKlbUn7jZaxKuWAxBQWg9FEnrgW1Ibr0ZFRcmC7sYD3c-QZe8mOn8h-5VS1Cl9r7ma4n9qwU7mkGWJn-WuGWFg-f_YoNYg1EhSqYAYg_utfNhPbySuZRYxnIzI23ssK6kMqeHGOrnNs3wK60flXa7yUnpr_5FY-Rzoj3T_xvyIUnx6f3lYhrNnNUbJJjjcQNf9znYO1oiOp4NtRVs8eEwwS94lHYxKabdgWAwWJ32MJX-05SmQHLQIqAJXBaPt76EfxT-evGs9IeT_N0s1Ho-7vV3c8tYbN_ch7RzmIeLoMjsHmkuuBqzylmkVA8jJULA0Hd0tNMLkAENDul69bsGxocWqrS0scU3qPi7Q5G1a3vvsijxSqkUb58g4VdwsJLyEE0ODSUjYBc3I1W5sbobvBxg0wJcks4ROiY1Tua8UCvC9IiWUKSpap5iYJd4s5LBDu8CebwSjCYnJC0x_gujM5CTTS4GBqhslg_trcFGhHHgCY4r5Emm7zyRRHQyX-VsjxiyGiBj_AGuIVBg1qEYj1zbrorH0x49vehzZtkbYwFxomC7jUGaRuMXb2rgkDK9iD6Uej8PM6QdAZVeXySRIP6jAW7cC4qevTQ5NBU9iyN9SlnmCr2wRuXzxTcr2oQRkBwsK_YG_RXFkS7Xeo2oE295yvb2fbHPx71Ll0ot4gCxJLqvRd2pdCqIEaYhD3cEliuLZ50i1B4q5w3dIHcmbucd5QLvdvtffb4j7DHLr1Z7PA7U3U8E-FgkFCHJkrfWo9bl51MISxY_k2BfuoXqRY1N2LVDYAFq6Y8s7XnxWJWNMdyOV58m3eQZJKdDV9hb6UiEUkEPLzQ4i6o_3cOxdCQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1069752015/ Frame BE2F 42 B
89 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069752015/?random=1613411432908&cv=9&fst=1613408400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dpage_view%3Bdata_psc%3D%3Bdata_lp%3D%3Bdata_red%3D%3Bdata_tfd%3D%3Bdata_pte%3D%3Bdata_oty%3D%3Bdata_pda%3D%3Bdata_st%3Dplatform%3Bdata_ut%3Dfirsttime_visitor%3Bdata_rgid%3D&frm=2&url=https%3A%2F%2Fwww.parship.ch%2Flp%2Fv00%2Faff_c.html%3Fpscode%3D01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&tiba=Partnersuche%20mit%20Parship.ch%20%26amp%3Braquo%3B%20Partnerb%C3%B6rse%20Nr.%201%20in%20der%20Schweiz&async=1&fmt=3&is_vtc=1&random=3270614080&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1069752015/ Frame BE2F 42 B
89 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069752015/?random=1613411432908&cv=9&fst=1613408400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dpage_view%3Bdata_psc%3D%3Bdata_lp%3D%3Bdata_red%3D%3Bdata_tfd%3D%3Bdata_pte%3D%3Bdata_oty%3D%3Bdata_pda%3D%3Bdata_st%3Dplatform%3Bdata_ut%3Dfirsttime_visitor%3Bdata_rgid%3D&frm=2&url=https%3A%2F%2Fwww.parship.ch%2Flp%2Fv00%2Faff_c.html%3Fpscode%3D01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID&ref=https%3A%2F%2F0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&tiba=Partnersuche%20mit%20Parship.ch%20%26amp%3Braquo%3B%20Partnerb%C3%B6rse%20Nr.%201%20in%20der%20Schweiz&async=1&fmt=3&is_vtc=1&random=3270614080&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
64 B 98ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-580499387&e=ar&n=0243793488863069&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&apt=1&ipv=0.4.0&rtp=%7B%7D&sa=1613411433875
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:33 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6F88 59 KB
7 KB 141ms
140ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21836418381%2Fembed%2Falwayson%2Fbongda&description_url=https%3A%2F%2Fdugout.com%2Fvideo%2FAwMtC3La&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cmsid=2519125&vid=AwMtC3La&env=vp&correlator=2889672746439624&tfcd=0&npa=0&vpmute=1&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&cust_params=embedpartner%3Dbongda%26producerpartner%3Dsantos%26ltmaud%3D%26cp%3Dcp-brasileirao%26cl%3Dcl-santos%26ln%3Dln-vi-vietnamese%26bx%3Dbx-highlights%26width%3D260%26height%3D146%26player_size%3Dundefined%26pod%3D1%26type%3Dstd%26audio%3Doff%26mode%3Din_view%26gdpr%3D0%26gdpr_consent%3D%26video_id%3DAwMtC3La%26jwpseg%3D80011001%2C80011004%2C80011005%2C80011006%2C80011013%2C80011014%2C80011023%2C80011028%2C80011031%2C80011034%2C80011036%2C80011039%2C80011040%2C80011041%2C80011042%2C80011043%2C80011044%2C80011051%2C80011060%2C80011064%2C80011073%2C80011074%2C80011075%2CCMTPI-0F6B88DF%2CCMTPI-1D877D46%2CCMTPI-22E50B5E%2CCMTPI-34C3FFB4%2CCMTPI-96D79601%2CCMTPI-9A314C1D%2CCMTPI-9CD676B8%2CCMTPI-A00F8BF3%2CCMTPI-A18B42CA%2CCMTPI-A8DF7807%2CCMTPI-B377C894%2CCMTPI-F05F9C4D&gdpr=0&gdpr_consent&vid_t=Highlights%3A%20Santos%202-0%20Coritiba%20(Thng%202%2F2021)&vpa=auto&sdkv=h.3.440.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=jwplayer&mpv=8.18.4&adsid=NT&sdki=44d&adk=3403104526&sdk_apis=2%2C8&sid=1790AFE5-1AE2-438D-AD68-308C55D206A6&dlt=1613411426521&idt=2008&dt=1613411433911&cookie=ID%3De87848497c1e141a%3AT%3D1613411428%3AS%3DALNI_MbMsMJdpCqWkz7LIc0nocFVPNNNvA&scor=3510615070751840&ged=ve4_td7_tt6_pd7_la7000_er121.795.267.1055_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0339b3b036d7684f08d556a3f1c547c376181e15f7ac31f622432adb0e13a8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6475
x-xss-protection: 0
google-lineitem-id: 5583514277,5513643592,5598989983,5436069019
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336262440,138327179594,138337696784,138318316911
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ Frame 6F88 835 B
1 KB 133ms
106ms XHR
text/xml 2a02:26f0:7100:184::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49&AV_CHANNELID=5fd9db73847657434033e94a&AV_URL=https://www.tinthethao.com.vn/&cb=&AV_WIDTH=640&AV_HEIGHT=480&AV_SCHAIN=&AV_CCPA=&AV_GDPR=0&AV_CONSENT=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:7100:184::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0dc98ab7a742755230df9083cc4e90f690d4db1b84896aeb59d2daf4808a6fcc

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:34 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 835
expires: Mon, 15 Feb 2021 17:50:34 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6F88 0
331 B 45ms
26ms Other
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kl6vi9pl&c=7636576768508&slotId=3818288384254&qqid=CMO_lvu57O4CFRHhuwgdNDMG7A&gqid=abQqYOKaOaS07_UPnpK-0AE&fb=ima-html5&sdkv=h.3.440.1&ppt=jwplayer&ppv=8.18.4&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
92 B 47ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BwEyUabQqYIPnOZHC7_UPtOaY4A6ilu3zRQAAABABIIe_z3Y4AFiosu-rgwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmALcC6kCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAeAEAdIFBhCl1bbmFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAE&sigh=abXBHeLQ6a4&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.440.1&vci=[CREATIVE_PLAYBACK]

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F88 0
22 B 65ms
65ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslrisCYET7klpy0axwgxO9XVn10U39m9kUvk2NB7mjA1s8bxyLEDpa1wzKGHUxGVWOO83D3DtoacC1c_iPeJKsGrFH71cds0lbEm4Y8t3ikt7fq7rJjdGZXoDk9JmsZq8r2IlHpE0FL2oR5uNgk9Q7ljrfRHmc3pt-muXPqIrfvSFkj8RgJg0x0xRIUEk9rzQadUTs8ndiXdAJFnMRfdJv64jos2VlYe3mQtKZlkEwprWVyj9moaO8L7V2xzbbmSTtk5sD7--fOmIhOoDUA6cTIK0b3xC-BhhOhYaIy5GibwCDMR0PKmq4r0o1UEr9RpUWuFMIvQ&sig=Cg0ArKJSzOd7RmHYrWAFEAE&sdkv=h.3.440.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODM1MTQyNzcyDDEzODMzNjI2MjQ0MECTAQpGCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQIYBUh0lAABwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2EA8 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfc379d7559b68dbbb278caadd1c7a8e49a07443bcd27336e434d21e9d6acec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
age: 683
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18179
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:54:11 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
49 B 99ms
99ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-639892845&e=al&n=2171138958741328&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&sa=1613411434257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:34 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 2EA8 330 KB
94 KB 10ms
8ms Script
application/javascript 2a02:26f0:7100:184::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:7100:184::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 53bc4331439f779b215d1e00795e09d2e50d3c6237a801322e7ce352d8d664d6

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:34 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwmD5uH92E1Wx_lj7MkWkpg-MPtIB8x92lF6npgFOd763btiEmy4jzZZ56AYVCOZ3GoGkNcAGD68eLUqcv2CoYk6wbnVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 95404
last-modified: Sun, 07 Feb 2021 13:02:01 GMT
server: UploadServer
etag: "186b52340c98abc7ffd7a1f3d898e5b8"
vary: Accept-Encoding
x-goog-hash: crc32c=VsFAlg==, md5=GGtSNAyYq8f/16Hz2JjluA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1612702921511543
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 95404
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 15 Feb 2021 17:55:34 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 388ms
121ms Image
text/plain 52.45.78.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.tinthethao.com.vn&sn=&ic=0&tgt=1&app=&wi=640&he=480&test=&apppkg=&fv=1&proto=https&pid=5eb7be27791eec2a0f7f2d49&cid=5fd9db73847657434033e94a&e=inventory&vi=100&cb=1613411434338
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.78.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
gov.aniview.com/api/adserver/tag/ 6 KB
2 KB 453ms
158ms XHR
application/json 18.211.56.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.tinthethao.com.vn%2F&AV_SCHAIN=&AV_CCPA=&AV_GDPR=0&AV_CONSENT=&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49&AV_CHANNELID=5fd9db73847657434033e94a&format=json&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.tinthethao.com.vn&AV_DADPOS=1&v=6.1.1.243&avtoken=434337&AV_WIDTH=640&AV_HEIGHT=480&cb=1613411434360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.56.72 Fort Worth, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-56-72.compute-1.amazonaws.com
Software: /
Resource Hash: db165c879c476f6dde29ecb57f8bfb5eff1678c844694722bdc051d26d2edd03

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 04 Feb 2021 04:03:54 GMT

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ Frame BE2F 0
190 B 200ms
50ms Other
text/plain 52.48.123.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.123.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 15 Feb 2021 17:50:34 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

GET
H2 200 c21f969b5f03d33d43e04f8f136e7682.min.js Show response
ss.yomedia.vn/sites/ 348 KB
116 KB 2394ms
2393ms Script
application/javascript 222.255.217.231
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.yomedia.vn/sites/c21f969b5f03d33d43e04f8f136e7682.min.js
Requested by: Host: ss.yomedia.vn
URL: https://ss.yomedia.vn/js/1/160/ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.255.217.231 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 82d5c7430883ba8663679b5a21b77acc686dfd23176026f2a60a12f975d0853c

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:39:54 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 10:03:53 GMT
server: nginx
etag: W/"5d0cab89-571ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Tue, 16 Feb 2021 17:39:54 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 844 B
771 B 27ms
26ms XHR
text/xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-video-pub-6968738577620513%26slotname%3DSPM_Streamlyn_bongda.com.vn_Desktop_Video_High_VAST%26ad_type%3Dvideo_text_image%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26max_ad_duration%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a11c67e2a4dd13714a3edd0101052896ee090c08be63c40bc3c9468466f749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 531
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 844 B
589 B 127ms
127ms XHR
text/xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-video-pub-9035087792692775%26slotname%3Dsl_bongda.com.vn_vast_dsk%26ad_type%3Dvideo_text_image%26description_url%3Dhttps%253A%252F%252Fwww.bongda.com.vn%252F%26max_ad_duration%3D30000%26sdmax%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48181a8d27eb9df4c0fd940dee0b74eceaf5a74d38a468a383611701785ee225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 888 B
622 B 127ms
127ms XHR
text/xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=201168404241949151&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21871596757%2FVID-3bongda.com.vn-640x360%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear&cbb=3411434820

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd894018e1d40f9cfe5ca6db1279fd64e97a525497cd2505571565b6946d31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://streamlyn-d.openx.net/v/1.0/av?auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 933 B
1 KB 106ms
35ms XHR
application/xml 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 059776a7d8a81824dcbedbdd3c140be19c504759946203f60ad391b8e9a59ed7

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:34 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.tinthethao.com.vn
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 569
Expires: Mon, 15 Feb 2021 17:50:34 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://streamlyn-d.openx.net/v/1.0/av?auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTE1YzA3NzUtNjgyNi02MjE1LTYzZDEtYWU2YTZjZjk3MGYx

0
0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.45.78.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.tinthethao.com.vn&rs=www.tinthethao.com.vn&sid=86049&t=1613411434&cip=185.156.175.107&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=640&he=480&app=&AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49&test=&aafaid=&proto=https&uid=1613411434719-975010720431-020425-003-001303&cha=0.1&cb=20116840424&d9=0000&AV_WIDTH=640&AV_HEIGHT=480&nid=5eb7be27791eec2a0f7f2d49&ncid=5fd9db73847657434033e94a&e=request&cb=1613411434822&asid=5fd9e2178a66fa190c71bdd2%2C5ffd57822c6d67220671ebb6%2C5fdaf8da8ef2fb54d7195677%2C5fdf5890074c253abc53a42e%2C5fdb0f312d6af540550467f8%2C5fdf587c7cf63919144022f8&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.78.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

av Show response
streamlyn-d.openx.net/v/1.0/
Redirect Chain

https://streamlyn-d.openx.net/v/1.0/av?auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480

48 B
332 B

45ms
45ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 15 Feb 2021 17:50:35 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846812&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tinthethao.com.vn
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
streamlyn-d.openx.net/v/1.0/
Redirect Chain

https://streamlyn-d.openx.net/v/1.0/av?auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480

48 B
248 B

45ms
44ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tinthethao.com.vn
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 15 Feb 2021 17:50:35 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://streamlyn-d.openx.net/v/1.0/av?cc=1&auid=543846815&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821&vwd=640&vht=480
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tinthethao.com.vn
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
124ms Image
text/plain 52.45.78.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.tinthethao.com.vn&rs=www.tinthethao.com.vn&sid=86049&t=1613411434&cip=185.156.175.107&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=640&he=480&app=&AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49&test=&aafaid=&proto=https&uid=1613411434719-975010720431-020425-003-001303&cha=0.1&cb=20116840424&d9=0000&AV_WIDTH=640&AV_HEIGHT=480&nid=5eb7be27791eec2a0f7f2d49&ncid=5fd9db73847657434033e94a&e=bid&cb=1613411435130&asid=5fd9e2178a66fa190c71bdd2%2C5fdb0f312d6af540550467f8%2C5ffd57822c6d67220671ebb6%2C5fdaf8da8ef2fb54d7195677&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.78.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 34BF 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21871596757/VID-3bongda.com.vn-640x360%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp&correlator=201168404241949151

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167c4f40ef6b82992282db580e857b5faf13028ec44ffdd976315e8e8dc7ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15171
x-xss-protection: 0
expires: Mon, 15 Feb 2021 18:05:35 GMT

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DD7A 41 KB
15 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-6968738577620513%26slotname%3DSPM_Streamlyn_bongda.com.vn_Desktop_Video_High_VAST%26ad_type%3Dvideo_text_image%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26max_ad_duration%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167c4f40ef6b82992282db580e857b5faf13028ec44ffdd976315e8e8dc7ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15171
x-xss-protection: 0
expires: Mon, 15 Feb 2021 18:05:35 GMT

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 34BF 325 KB
112 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21871596757/VID-3bongda.com.vn-640x360%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp&correlator=201168404241949151

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114573
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:35 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BF 0
58 B 39ms
38ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.1142360785103389&wt=1613411435206&sdkv=h.3.440.1&xai=undefined&url=1,https%3A%2F%2Fwww.tinthethao.com.vn%2F$0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DD7A 325 KB
112 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-6968738577620513%26slotname%3DSPM_Streamlyn_bongda.com.vn_Desktop_Video_High_VAST%26ad_type%3Dvideo_text_image%26description_url%3Dhttp%253A%252F%252Fbongda.com.vn%26max_ad_duration%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114573
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:35 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD7A 0
56 B 39ms
39ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.5899277803119103&wt=1613411435218&sdkv=h.3.440.1&xai=undefined&url=1,https%3A%2F%2Fwww.tinthethao.com.vn%2F$0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 bridge3.440.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 761F 577 KB
188 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.440.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192913
date: Fri, 12 Feb 2021 01:38:12 GMT
expires: Sat, 12 Feb 2022 01:38:12 GMT
last-modified: Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317543
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 34BF 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 34BF 109 B
169 B 29ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tinthethao.com.vn

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 bridge3.440.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 79A9 577 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.440.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192913
date: Fri, 12 Feb 2021 01:38:12 GMT
expires: Sat, 12 Feb 2022 01:38:12 GMT
last-modified: Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317543
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DD7A 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD7A 109 B
169 B 28ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tinthethao.com.vn

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 761F 156 B
196 B 142ms
142ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21871596757%2FVID-3bongda.com.vn-640x360&description_url=http%3A%2F%2Fbongda.com.vn&tfcd=0&npa=0&sz=640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=click&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.440.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&adsid=NT&sdki=44d&adk=157359535&sdk_apis=2%2C8&sid=64CF4BB9-4B8E-4020-8536-FD5B83182101&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&eid=44736621&dt=1613411435516&cookie_enabled=1&correlator=201168404241949150&scor=4329757908801563&ged=ve4_td1_tt1_pd1_la1000_er121.795.601.1435_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79A9 156 B
252 B 104ms
104ms XHR
text/xml 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6968738577620513&slotname=SPM_Streamlyn_bongda.com.vn_Desktop_Video_High_VAST&ad_type=video_text_image&description_url=http%3A%2F%2Fbongda.com.vn&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&channel=vastadp%2Bvpaidadp_html5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.440.1%2Fvpaid_adapter&video_product_type=0&min_ad_duration=0&sz=640x480&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&ea=0&image_size=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&num_ads=3&t_pyv=allow&video_format=43&is_amp=0&u_so=l&adsid=NT&sdki=44d&adk=1144981955&sdk_apis=2%2C8&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&eid=44725355%2C44729226&dt=1613411435576&correlator=4314806116072040&ad_block=1&ged=ve4_td1_tt1_pd1_la1000_er121.795.601.1435_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3-Q050 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C6DF 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-9035087792692775%26slotname%3Dsl_bongda.com.vn_vast_dsk%26ad_type%3Dvideo_text_image%26description_url%3Dhttps%253A%252F%252Fwww.bongda.com.vn%252F%26max_ad_duration%3D30000%26sdmax%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167c4f40ef6b82992282db580e857b5faf13028ec44ffdd976315e8e8dc7ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15171
x-xss-protection: 0
expires: Mon, 15 Feb 2021 18:05:35 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 508D 150 KB
35 KB 50ms
43ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C6DF 325 KB
112 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-9035087792692775%26slotname%3Dsl_bongda.com.vn_vast_dsk%26ad_type%3Dvideo_text_image%26description_url%3Dhttps%253A%252F%252Fwww.bongda.com.vn%252F%26max_ad_duration%3D30000%26sdmax%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114573
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:35 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DF 0
27 B 40ms
39ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.22651632058169313&wt=1613411435738&sdkv=h.3.440.1&xai=undefined&url=1,https%3A%2F%2Fwww.tinthethao.com.vn%2F$0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-video-pub-9035087792692775%26slotname%3Dsl_bongda.com.vn_vast_dsk%26ad_type%3Dvideo_text_image%26description_url%3Dhttps%253A%252F%252Fwww.bongda.com.vn%252F%26max_ad_duration%3D30000%26sdmax%3D30000%26videoad_start_delay%3D0%26vpmute%3D0%26vpa%3Dclick%26channel%3Dvastadp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8A90 37 KB
14 KB 86ms
31ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tinthethao.com.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=102356
Expires: Tue, 16 Feb 2021 22:16:31 GMT
Date: Mon, 15 Feb 2021 17:50:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 508D 37 KB
14 KB 88ms
31ms Script
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=102356
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Tue, 16 Feb 2021 22:16:31 GMT

GET
H3-Q050 200 bridge3.440.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5015 577 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.440.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192913
date: Fri, 12 Feb 2021 01:38:12 GMT
expires: Sat, 12 Feb 2022 01:38:12 GMT
last-modified: Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317543
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C6DF 26 KB
10 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:35 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame C6DF 109 B
781 B 55ms
41ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tinthethao.com.vn

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8A90 5 KB
6 KB 124ms
30ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31622935&p=156957&s=789540&a=3409401&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 90f423f7f7c23d28e39caa0ddcb66acbf53988a22bd44e4eb55a524a934169f8

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5015 156 B
210 B 94ms
94ms XHR
text/xml 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-9035087792692775&slotname=sl_bongda.com.vn_vast_dsk&ad_type=video_text_image&description_url=https%3A%2F%2Fwww.bongda.com.vn%2F&max_ad_duration=33000&sdmax=33000&videoad_start_delay=0&vpmute=0&vpa=click&channel=vastadp%2Bvpaidadp_html5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.440.1%2Fvpaid_adapter&video_product_type=0&min_ad_duration=0&sz=640x480&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&ea=0&image_size=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&num_ads=3&t_pyv=allow&video_format=43&is_amp=0&u_so=l&adsid=NT&sdki=44d&adk=2065949479&sdk_apis=2%2C8&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&eid=44715336%2C44729227&dlt=1613411435676&idt=268&dt=1613411435972&correlator=1308873817826924&ad_block=1&ged=ve4_td0_tt0_pd0_la0_er121.795.601.1435_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 77CD 43 B
284 B 122ms
41ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31622935&p=156957&s=789540&a=3409401&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js?
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js?

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Mon, 15 Feb 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1240
date: Mon, 15 Feb 2021 17:50:35 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 417F
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9201024776293087844

42 B
849 B

39ms
39ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9201024776293087844
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31622935&p=156957&s=789540&a=3409401&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156957:2; KADUSERCOOKIE=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F; chkChromeAb67Sec=1; DPSync3=1614556800%3A226_221_201_227; SyncRTB3=1614211200%3A63%7C1615939200%3A203%7C1613952000%3A2_15%7C1614643200%3A35%7C1614556800%3A8_166_55_81_21_22_3_13_54_7_223_220_161_56_71; KRTBCOOKIE_80=16514-CAESEKax3F9Oa0mYOvoMTJf4TFg&KRTB&22987-CAESEKax3F9Oa0mYOvoMTJf4TFg&KRTB&23025-CAESEKax3F9Oa0mYOvoMTJf4TFg; PugT=1613411436; PUBMDCID=3; KRTBCOOKIE_153=19420-Qh5PTRYaS09ZH0VJQRpQHUxLHkhZGUkUEUhQxR_j&KRTB&22979-Qh5PTRYaS09ZH0VJQRpQHUxLHkhZGUkUEUhQxR_j; KRTBCOOKIE_57=22776-145551011583213373
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js?

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_336=5844-9201024776293087844; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 17-Mar-2021 17:50:36 GMT; path=/ PugT=1613411436; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 17-Mar-2021 17:50:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 16-May-2021 17:50:36 GMT; path=/
X-lat: Pug22072:0:357
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9201024776293087844
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET

redir
rtb-csync.smartadserver.com/ Frame 4196
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZEpVN0FWV2tBQUJCUkcwZ0JtQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABdJU7AVWkAABBRG0gBmA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABdJU7AVWkAABBRG0gBmA&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABdJU7AVWkAABBRG0gBmA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

0
0

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame C868
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6929549352618293398

42 B
850 B

126ms
35ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6929549352618293398
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31622935&p=156957&s=789540&a=3409401&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156957:2; KADUSERCOOKIE=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F; chkChromeAb67Sec=1; DPSync3=1614556800%3A226_221_201_227; SyncRTB3=1614211200%3A63%7C1615939200%3A203%7C1613952000%3A2_15%7C1614643200%3A35%7C1614556800%3A8_166_55_81_21_22_3_13_54_7_223_220_161_56_71
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js?

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_1101=23040-6929549352618293398; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 17-Mar-2021 17:50:36 GMT; path=/ PugT=1613411436; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 17-Mar-2021 17:50:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 16-May-2021 17:50:36 GMT; path=/
X-lat: Pug22011:0:772
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

Server: nginx
Date: Mon, 15 Feb 2021 17:50:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6929549352618293398; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6929549352618293398

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HBzvPTt8Tfqcm63NPvXxbw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

28ms
27ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=93738
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Tue, 16 Feb 2021 19:52:54 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 8A90 95 B
596 B 45ms
27ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6220df435e724aaa-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084869de1900004aaa2e3f9000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 8A90
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

44ms
44ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:33 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:33 GMT
frontend-id: 15
location: /pubmatic/1/info2?sType=sync&sExtCookieId=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&addseg=31

7 B
147 B

139ms
42ms

Image
text/plain

185.64.190.106
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Mon, 15 Feb 2021 17:50:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUMxQ0VGM0QtM0I3Qy00REZBLTlDOUItQURDRDNFRjVGMTZG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
585 B

121ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22042:0:492
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKax3F9Oa0mYOvoMTJf4TFg&google_cver=1

42 B
935 B

124ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKax3F9Oa0mYOvoMTJf4TFg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22057:0:549
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKax3F9Oa0mYOvoMTJf4TFg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8A90 43 B
611 B 97ms
30ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 14 Feb 2021 17:50:36 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ede5ef4c-7e32-4781-8c9f-a65a1f047f64

42 B
962 B

87ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ede5ef4c-7e32-4781-8c9f-a65a1f047f64
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22062:0:384
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ede5ef4c-7e32-4781-8c9f-a65a1f047f64
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3746267366854243092

42 B
850 B

95ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3746267366854243092
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:34 GMT
X-lat: Pug22076:0:267
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3746267366854243092
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0b79602a-b46b-4100-a815-f1e6342bbdfa&gdpr=0&gdpr_consent=

42 B
1 KB

130ms
37ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0b79602a-b46b-4100-a815-f1e6342bbdfa&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22025:0:524
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Mon, 15 Feb 2021 17:50:39 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0b79602a-b46b-4100-a815-f1e6342bbdfa&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Feb 2021 17:50:38 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=145551011583213373&gdpr=0&gdpr_consent=

42 B
848 B

49ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=145551011583213373&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22068:0:408
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid: 2909e2ba-dcef-42cf-8d49-a6296e18a855
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=145551011583213373&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

SPug
image4.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PuzSzyh1l2Kqf..48L0VF1Zd9bTsIbU-&gdpr=0&gdpr_consent=

0
0

GET
H2 200 1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8A90 43 B
841 B 107ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Qh5PTRYaS09ZH0VJQRpQHUxLHkhZGUkUEUhQxR_j

42 B
923 B

108ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Qh5PTRYaS09ZH0VJQRpQHUxLHkhZGUkUEUhQxR_j
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22016:0:505
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Qh5PTRYaS09ZH0VJQRpQHUxLHkhZGUkUEUhQxR_j
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9808dcd5-dd83-4dd4-9bf9-324caedc58e5&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7c38010-3261-4f3a-9b5a-f4ec7ea9bf60&gdpr=&gdpr_consent=&gdpr_pd=

1 B
824 B

32ms
31ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7c38010-3261-4f3a-9b5a-f4ec7ea9bf60&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22014:0:767
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7c38010-3261-4f3a-9b5a-f4ec7ea9bf60&gdpr=&gdpr_consent=&gdpr_pd=
date: Mon, 15 Feb 2021 17:50:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3211985724993871071&gdpr=0&gdpr_consent=&us_privacy=

1 B
807 B

97ms
31ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3211985724993871071&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22060:0:379
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3211985724993871071&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 15 Feb 2021 17:50:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCq0bAAAAI6NojoG&gdpr=0&gdpr_consent=&_test=YCq0bAAAAI6NojoG

1 B
889 B

32ms
31ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCq0bAAAAI6NojoG&gdpr=0&gdpr_consent=&_test=YCq0bAAAAI6NojoG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22023:0:570
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613411436.415253,VS0,VE0
x-served-by: cache-hhn4048-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCq0bAAAAI6NojoG&gdpr=0&gdpr_consent=&_test=YCq0bAAAAI6NojoG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=356e956c-836d-428c-a81a-a80a3f2509ed-602ab46c-4348&gdpr=0&gdpr_consent=

42 B
880 B

32ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=356e956c-836d-428c-a81a-a80a3f2509ed-602ab46c-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22039:0:517
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=356e956c-836d-428c-a81a-a80a3f2509ed-602ab46c-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ab9927d-b837-4e39-a30a-5d8abb85ea46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
585 B

31ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ab9927d-b837-4e39-a30a-5d8abb85ea46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
X-lat: Pug22059:0:385
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ab9927d-b837-4e39-a30a-5d8abb85ea46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 15 Feb 2021 17:50:36 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 8A90 0
104 B 99ms
65ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1C1CEF3D-3B7C-4DFA-9C9B-ADCD3EF5F16F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 508D 27 B
884 B 416ms
295ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=1613411435780&us_privacy=&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.tinthethao.com.vn%252F&screenResolution=1600x1200&kdntuid=1&vwndh=480&vwndw=640&vwndurl=https%253A%252F%252Fwww.tinthethao.com.vn%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-15%2018:50:36&ranreq=0.29293021547926323&timezone=1&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://www.tinthethao.com.vn
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 355ms
119ms XHR
text/plain 52.45.78.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.tinthethao.com.vn&rs=www.tinthethao.com.vn&sid=86049&t=1613411434&cip=185.156.175.107&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=640&he=480&app=&AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49&test=&aafaid=&proto=https&uid=1613411434719-975010720431-020425-003-001303&cha=0.1&cb=20116840424&d9=0000&AV_WIDTH=640&AV_HEIGHT=480
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.78.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 17:50:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET track
aktrack.pubmatic.com/ Frame 508D 0
0

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ 0
124 B 77ms
26ms Image
text/html 104.84.56.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156957&s=789540&a=3409401&ts=1613411434&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.84.56.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
89 B 47ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BwEyUabQqYIPnOZHC7_UPtOaY4A6ilu3zRQAAABABIIe_z3Y4AFiosu-rgwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmALcC6kCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAeAEAdIFBhCl1bbmFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAE&sigh=abXBHeLQ6a4&label=videoplayfailed901&acvw=&sdkv=h.3.440.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODM1MTQyNzcyDDEzODMzNjI2MjQ0MECTAQpLCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQIYBUiIQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IshNQAGABGAE.

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adv Show response
grid.bidswitch.net/ Frame 6F88 1 KB
1 KB 120ms
31ms XHR
text/xml 18.159.228.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/adv?auid=5466&r=1361395169&u=https://www.tinthethao.com.vn/&jwpseg=80011001,80011004,80011005,80011006,80011013,80011014,80011023,80011028,80011031,80011034,80011036,80011039,80011040,80011041,80011042,80011043,80011044,80011051,80011060,80011064,80011073,80011074,80011075,CMTPI-0F6B88DF,CMTPI-1D877D46,CMTPI-22E50B5E,CMTPI-34C3FFB4,CMTPI-96D79601,CMTPI-9A314C1D,CMTPI-9CD676B8,CMTPI-A00F8BF3,CMTPI-A18B42CA,CMTPI-A8DF7807,CMTPI-B377C894,CMTPI-F05F9C4D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.228.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c00083536895cc24bb0f25a9c9628843bd44400a5984a7bfed6cede2ae3d35db

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml; charset=UTF-8;
Content-Length: 1035

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 320ms
118ms XHR
text/plain 52.45.78.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.tinthethao.com.vn&rs=www.tinthethao.com.vn&sid=86049&t=1613411434&cip=185.156.175.107&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=640&he=480&app=&AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49&test=&aafaid=&proto=https&uid=1613411434719-975010720431-020425-003-001303&cha=0.1&cb=20116840424&d9=0000&AV_WIDTH=640&AV_HEIGHT=480
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5eb7be27791eec2a0f7f2d49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.78.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 17:50:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame 6F88 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
66 B 48ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1OhFarQqYJHCAZHC7_UPtOaY4A6JmY3xRQAAABABIIe_z3Y4AFjKgsWngwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmAK3CKkCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAdAEkE7gBAHSBQYQyIyOxRSQBgGgBiSoB-zVG6gH89EbqAeW2BvYBwDgBx_SCAcIgGEQARgd2AgCgAoFmAsBgAwB&sigh=ASjmpVOChAw&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.440.1&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MTM2NDM1OTJAkwFSGSUAAKBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/16106/297052/1497156/201/ Frame 6F88 2 KB
2 KB 98ms
32ms XHR
text/xml 23.67.134.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/16106/297052/1497156/201/vast.xml?tg_c.language=en&p_aso.video.api=2&adtype=video&p_aso.video.ext.skip=&p_aso.video.ext.skipdelay=&p_aso.video.maxduration=&p_aso.video.protocols=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.134.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 2e048f56182b1ee3e478b98d44a85a323de8e791f7f4c432e783ff159720a821

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:36 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 966
Expires: Mon, 15 Feb 2021 17:50:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6F88 0
54 B 26ms
26ms Other
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kl6vie45&c=7636576768508&slotId=3818288384254&qqid=CMO_lvu57O4CFRHhuwgdNDMG7A&gqid=abQqYOKaOaS07_UPnpK-0AE&fb=ima-html5&sdkv=h.3.440.1&ppt=jwplayer&ppv=8.18.4&mrd=4&aab=1&itv=1&met.4=err.kl6vig14&aec=901&vmfc=3
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
66 B 47ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BcEAyarQqYJLCAZHC7_UPtOaY4A7kqYX1RQAAABABIIe_z3Y4AFiQ-MasgwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmAKEB6kCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAeAEAdIFBhCfneftFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAE&sigh=7DJjuSCBTiY&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.440.1&vci=[CREATIVE_PLAYBACK]

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F88 0
73 B 61ms
61ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHfALsKmsg9lkePBzpS5LKwH21Qd4bg2Yxc1_bRavaezcAkCBYehd_YmcbSzMgNAnVFIJg2RrX_pKct3fex2D-ssd-EAHe8WQNSXfBGvzOjNxXbGjlgGAkH5i6Cf6PcsXTvasZ_415_HBDNlnJ4rHV_C9oviw43lEqxn2h1qXFPhcuIFdxmsYyVoyD_PQ7WQD5YSShx9izyAuzHixiIcKXMgGFiSeJ4v7zxMkdGCrsrf5ks543Q7VGwTzbZWZFbYmDevS0o2BeLFONDnzCHQkpl8Q3KFwLg5RZsxCEWqf-j6U6cWRte4nBTycQqEy2tw7GwNRqDw&sig=Cg0ArKJSzG9Sjzv2zQziEAE&sdkv=h.3.440.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1OTg5ODk5ODMyDDEzODMzNzY5Njc4NECTAQpPCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUBkUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
49 B 102ms
102ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=694745587&e=ae&n=3433169253531647&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&ad=VPAID&adid=VPAID&adt=Ad%20Manager&aec=20901&apt=1&atu=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21836418381%2Fembed%2Falwayson%2Fbongda%26description_url%3Dht&ct=&du=15&ec=901&iu=%2F21836418381%2Fembed%2Falwayson%2Fbongda&uav=&sa=1613411436959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:37 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H3-Q050 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 178B 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfc379d7559b68dbbb278caadd1c7a8e49a07443bcd27336e434d21e9d6acec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
age: 685
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18179
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:54:11 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
26 B 98ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=130528347&e=al&n=8986573385302465&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&sa=1613411436965
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:37 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H/1.1 200
OK bridge-31030.js Show response
video-ads.rubiconproject.com/video/ Frame 178B 64 KB
20 KB 35ms
35ms Script
application/javascript 23.67.134.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31030.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.134.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 22d16d512c307731530cc57b14148c34f80e541eaaaf0221ed3e4a372e8e933a

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 17:50:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Dec 2020 12:36:43 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "ff43-5b57a7ee30cc0-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 19876

GET
H/1.1 200
OK vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 178B 28 B
1 KB 236ms
150ms XHR
application/xml 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=16106&site_id=297052&zone_id=1497156&size_id=201&tg_c.language=en&p_aso.video.api=2&adtype=video&p_aso.video.ext.skip=0&p_aso.video.ext.skipdelay=0&p_aso.video.maxduration=&p_aso.video.protocols=&p_window.depth=0&rf=https%3A%2F%2Fwww.tinthethao.com.vn%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=260&p_aso.video.ext.ad.h=146&width=260&height=146&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=5851588453994425&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31030.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e19d988dba0874a0f16dfd1a896e49a1b933470dc7090596bbb221257b448d89

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:37 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tinthethao.com.vn
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml
Keep-Alive: timeout=5
Content-Length: 28
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
89 B 47ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BcEAyarQqYJLCAZHC7_UPtOaY4A7kqYX1RQAAABABIIe_z3Y4AFiQ-MasgwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmAKEB6kCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAeAEAdIFBhCfneftFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAE&sigh=7DJjuSCBTiY&label=videoplayfailed901&acvw=&sdkv=h.3.440.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1OTg5ODk5ODMyDDEzODMzNzY5Njc4NECTAQpUCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUBkUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25IpwZQAGABGAE.

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame 6F88 903 B
679 B 128ms
128ms XHR
text/xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=688153981&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F43606300%2FDugout_Bongda_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Dhttps://www.tinthethao.com.vn/%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26url%3Dhttps://www.tinthethao.com.vn/

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48cece69d5c390645cb31de27d7b3ad244b811a95caadfd0c35a31b341eabaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 0

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame 6F88 0
318 B 61ms
26ms Other
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kl6vig7v&c=7636576768508&slotId=3818288384254&qqid=CMO_lvu57O4CFRHhuwgdNDMG7A&gqid=abQqYOKaOaS07_UPnpK-0AE&fb=ima-html5&sdkv=h.3.440.1&ppt=jwplayer&ppv=8.18.4&mrd=4&aab=1&itv=1&met.4=err.kl6vigua
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
66 B 47ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BNELvarQqYJPCAZHC7_UPtOaY4A6H87DkRQAAABABIIe_z3Y4AFjviqijgwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmAL9AakCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAdAEkE7gBAHSBQYQm6mPoBSQBgGgBiSoB-zVG6gH89EbqAeW2BvYBwDgBx_SCAcIgGEQARgd2AgCgAoFmAsBgAwB&sigh=TwwBxlzmCxA&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.440.1&vci=[CREATIVE_PLAYBACK]

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F88 0
22 B 60ms
59ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzhBzGhE9-baJOXEpb3iD963tuTxeVOLlM0K8KL5FQl2oLc3HAyygqjOgDGTgdDfi7brzX1jAdYaXXy5-uaxLN53Ja-2ozdksNZwXDAm6DmrEFkrNnUubwaLIkT8HS51tdbWc0ppvxtZEWcOnYbvYVGtpHfoSlQqkLWWCLX_fL19zqtPOZZJIXxHhIcuC56iUE6cKTciHHXxW9mFGkYHud2pjRnNhAAG4Fwj6MPsjuTYoW8U2mk02DQLJmZewkG4ESGytnLzwjo27sXScUVngyF5n4KW4H4JzMW5wMVDcNZVZTQWyj6SMKIS4Ei4mRwl1cpevp_Q&sig=Cg0ArKJSzPURRdpqgwV1EAE&sdkv=h.3.440.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzYwNjkwMTkyDDEzODMxODMxNjkxMUCTAQpSCAESGXRwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20aCVZQQUlESU1BMyACKgRJTUEzQIIBUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
26 B 99ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-2135381886&e=ae&n=9070309325208630&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&ad=Rubicon&adid=1&adt=VPAID%20Wrapper&aec=20901&apt=1&atu=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21836418381%2Fembed%2Falwayson%2Fbongda%26description_url%3Dht&ct=&du=30&ec=901&iu=%2F21836418381%2Fembed%2Falwayson%2Fbongda&uav=&sa=1613411437899
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:37 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H3-Q050 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E80A 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfc379d7559b68dbbb278caadd1c7a8e49a07443bcd27336e434d21e9d6acec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
age: 686
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18179
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:54:11 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
49 B 98ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1523829162&e=al&n=9910415521383675&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&sa=1613411437905
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:38 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H3-Q050 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E80A 41 KB
15 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Dugout_Bongda_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Dhttps://www.tinthethao.com.vn/%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26url%3Dhttps://www.tinthethao.com.vn/%26channel%3Dvastadp&correlator=688153981

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167c4f40ef6b82992282db580e857b5faf13028ec44ffdd976315e8e8dc7ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 15:28:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15171
x-xss-protection: 0
expires: Mon, 15 Feb 2021 18:05:37 GMT

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E80A 325 KB
112 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Dugout_Bongda_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Dhttps://www.tinthethao.com.vn/%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26url%3Dhttps://www.tinthethao.com.vn/%26channel%3Dvastadp&correlator=688153981

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114573
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:38 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E80A 0
79 B 39ms
39ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.2039837176186008&wt=1613411437981&sdkv=h.3.440.1&xai=undefined&url=1,https%3A%2F%2Fwww.tinthethao.com.vn%2F$0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Dugout_Bongda_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Dhttps://www.tinthethao.com.vn/%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26url%3Dhttps://www.tinthethao.com.vn/%26channel%3Dvastadp&correlator=688153981

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 103ms
35ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42836:time[url:%2F,device:desktop,user_id:ddd8550fd.bbf188da2_1613411437995,cdn_version:4]&s=99c8a858968e8e894cae48b0895d1f85&1613411437997
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wssayomUPpbx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 17:50:38 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 bridge3.440.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3766 577 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.440.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tinthethao.com.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tinthethao.com.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192913
date: Fri, 12 Feb 2021 01:38:12 GMT
expires: Sat, 12 Feb 2022 01:38:12 GMT
last-modified: Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317546
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E80A 26 KB
10 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Mon, 15 Feb 2021 17:50:38 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E80A 109 B
150 B 27ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tinthethao.com.vn

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 17:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3766 156 B
222 B 239ms
239ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43606300%2FDugout_Bongda_Dir_Des_VidAdIn_Lis_MC_CTP&description_url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&tfcd=0&npa=0&sz=640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=0&type=js&url=https%3A%2F%2Fwww.tinthethao.com.vn%2F&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.440.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&adsid=NT&sdki=44d&adk=3403588213&sdk_apis=2%2C8&sid=76714E3D-D9E6-4E1B-BCAA-DE25888B272A&eid=44736293&dt=1613411438167&cookie_enabled=1&correlator=688153981&scor=3279971954426408&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6F88 42 B
66 B 50ms
50ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BNELvarQqYJPCAZHC7_UPtOaY4A6H87DkRQAAABABIIe_z3Y4AFjviqijgwRg9ZXOgeAEsgEVd3d3LnRpbnRoZXRoYW8uY29tLnZuugEJODh4MzFfeG1syAEF2gEeaHR0cHM6Ly93d3cudGludGhldGhhby5jb20udm4vmAL9AakCp_y86MpRtz7AAgLgAgDqAiIvMjE4MzY0MTgzODEvZW1iZWQvYWx3YXlzb24vYm9uZ2Rh-AKC0h6QA4wGmAPQBagDAdAEkE7gBAHSBQYQm6mPoBSQBgGgBiSoB-zVG6gH89EbqAeW2BvYBwDgBx_SCAcIgGEQARgd2AgCgAoFmAsBgAwB&sigh=TwwBxlzmCxA&label=videoplayfailed901&acvw=&sdkv=h.3.440.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzYwNjkwMTkyDDEzODMxODMxNjkxMUCTAQpXCAESGXRwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20aCVZQQUlESU1BMyACKgRJTUEzQIIBUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25IhARQAGABGAE.

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.440.1_vi.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
26 B 99ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=825250975&e=ae&n=5025580524648696&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&ab=1&abid=ql3qhc1xp4nd&adi=ql3qhc1xp4nd&apid=ql3qhc1xp4nd&awi=1&awc=1&p=1&pc=0&pi=0&pr=7&vu=pubads.g.doubleclick.net&ad=VPAIDIMA3&add=&adid=IMA3&adt=IMA3&adv=&aec=20901&apt=1&atu=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21836418381%2Fembed%2Falwayson%2Fbongda%26description_url%3Dht&caid=&du=30&ec=901&iu=%2F21836418381%2Fembed%2Falwayson%2Fbongda&sa=1613411438415
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:38 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 200 aud Show response
analytics.yomedia.vn/js/ 132 B
727 B 913ms
202ms Script
application/javascript 221.132.35.178
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.yomedia.vn/js/aud?sw=1600&sh=1200&scd=24&l=en-US&iej=0&ref=https%3A%2F%2Fwww.tinthethao.com.vn%2F&uref=&ver=1.0.28&coid=1&wid=160
Requested by: Host: ss.yomedia.vn
URL: https://ss.yomedia.vn/js/1/160/ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 221.132.35.178 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: / Sails <sailsjs.org>
Resource Hash: d2ae322c8a209bf596fa545196b13c218e929ab288fad47ef7037fda8afe31be

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:24 GMT
x-powered-by: Sails <sailsjs.org>
etag: W/"84-A/yjqKsvC6N5KGAjiH3Gaw"
vary: Accept-Encoding
access-control-allow-methods
content-type: application/javascript; charset=utf-8
access-control-allow-origin
access-control-expose-headers
access-control-allow-credentials
access-control-allow-headers
content-length: 132

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ Frame BE2F 0
190 B 44ms
44ms Other
text/plain 52.48.123.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.123.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 15 Feb 2021 17:50:39 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

GET
H2 200 dc_oe=ChMI_tfE-Lns7gIVRZR7Ch2eNwWIEAEYACDQ7LRF;met=1;&timestamp=1613411440625;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A918 42 B
110 B 60ms
58ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_tfE-Lns7gIVRZR7Ch2eNwWIEAEYACDQ7LRF;met=1;&timestamp=1613411440625;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIgNjE-Lns7gIVRZR7Ch2eNwWIEAEYACCLy7RF;met=1;&timestamp=1613411440638;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 12B7 42 B
107 B 57ms
57ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgNjE-Lns7gIVRZR7Ch2eNwWIEAEYACCLy7RF;met=1;&timestamp=1613411440638;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
49 B 98ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1034013570&e=t&n=3681036773011022&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&abm=1&ati=0&avc=0&bwe=17378&fed=Sg3n3cge&fls=0&fsm=0&ltc=236&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FAwMtC3La.m3u8&pbs=0&pcp=8&pw=32&q=4&sbr=430&ti=8&ubi=0&vh=180&vti=8&vw=320&sa=1613411440920
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:41 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

GET
H3-Q050 200 dc_oe=ChMItoC_-bns7gIViuztCh0uyQFCEAAYACDOlIpEQhMI95OH-bns7gIVWtQRCB2AWQ7k;met=1;&timestamp=1613411441873;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F31B 42 B
91 B 44ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItoC_-bns7gIViuztCh0uyQFCEAAYACDOlIpEQhMI95OH-bns7gIVWtQRCB2AWQ7k;met=1;&timestamp=1613411441873;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 17:50:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
49 B 98ms
98ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1494004449&e=ret&n=3333726988118284&abc=1&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&ask=3EcmxQFj&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=a0gsos5qqze5&i=0&id=AwMtC3La&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1y70rzy16wsh&ph=1&pid=QpiDHIQD&pii=0&pl=146&plc=8&pli=1hqqe62oxfvn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TinTheThao.com.vn%20-%20Tin%20t%E1%BB%A9c&pu=https%3A%2F%2Fwww.tinthethao.com.vn%2F&pv=8.18.4&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=Highlights%3A%20Santos%202-0%20Coritiba%20(Th%C3%A1ng%202%2F2021)&tv=3.35.0&vb=1&vi=1&vl=90&wd=260&abm=1&ati=0&avc=0&bwe=17378&etw=10&fed=Sg3n3cge&fls=0&fsm=0&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FAwMtC3La.m3u8&pbs=0&pr=7&q=4&sbr=430&ubc=0&vh=180&vti=8&vw=320&sa=1613411443421
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tinthethao.com.vn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:50:43 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdCwPejZXidaDpQTBDoH--6c8oOIeL9hCjdS0v7os26kIDrPAtdRC0vvE7xkXCPN013g1ebz1WuIQ7Umou2kpcAgmYwrLNimBtPrH0AZI&sig=Cg0ArKJSzM-E8Bbr7QoDEAE&id=osdtos&mcvt=0&p=242,2150,492,2450&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210210&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1378114590&rs=4&met=ce&la=0&cr=0&osd=1&vs=3&rst=1613411429443&dlt=0&rpt=162&isd=0&msd=0&r=u&uup=0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTE1YzA3NzUtNjgyNi02MjE1LTYzZDEtYWU2YTZjZjk3MGYx

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABdJU7AVWkAABBRG0gBmA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PuzSzyh1l2Kqf..48L0VF1Zd9bTsIbU-&gdpr=0&gdpr_consent=

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=156957&s=789540&a=3409401&ts=1613411437&wa=0&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 346432:2246412
.awin1.com/	1970-01-19 16:14:30	Name: awpv9306 Value: 414915\|1613411431\|4bec7211-6fb6-11eb-b15c-692d064d6d31
.awin1.com/	1970-01-19 16:20:16	Name: awpv11467 Value: 414915\|1613411431\|4bece740-6fb6-11eb-b15c-692d064d6d31
.awin1.com/	1970-01-19 16:14:30	Name: awpv11690 Value: 414915\|1613411431\|4bdabed0-6fb6-11eb-b15c-692d064d6d31
.awin1.com/	1970-01-19 16:20:16	Name: awpv11482 Value: 414915\|1613411431\|4bdae5e0-6fb6-11eb-975f-692d0f3afe45
.awin1.com/	1970-01-19 16:53:23	Name: awpv14114 Value: 414915\|1613411431\|4bc8bd70-6fb6-11eb-975f-692d0f3afe45
.awin1.com/	1970-01-19 16:20:16	Name: awpv13872 Value: 414915\|1613411431\|4bc450a0-6fb6-11eb-975f-692d0f3afe45
.elitepartner.ch/	1970-01-20 18:05:23	Name: NVI_FC Value: 03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID_TS%3A1613411432
.elitepartner.ch/	1970-01-19 16:20:16	Name: NVI_LC2 Value: 03_120_60078_0001_0001_0001_empty_AF9306_414915_1613411431_4bec7211-6fb6-11eb-b15c-692d064d6d31ID_GV1613411424.5564004.47fb4834-6fb6-11eb-9148-00155d53a129ID_TS%3A1613411432
.www.elitepartner.ch/	1970-01-19 16:10:13	Name: __cf_bm Value: 3ed3aa2a8a005b6330224a546fdb24d16238e22c-1613411431-1800-Ac2NpohQn5637B2CB6oB1G+P3+LJStWwlTsVbLK5ISFQkFt6p7ISke5iwPk87Dsm5diUoFpEJbjgFTKtvJbphCw=
.connects.ch/	1970-01-19 16:20:16	Name: ppv1507 Value: 2021021518503145075879447X116827V1507143201MS71761100242143300710156011506017
.tinthethao.com.vn/	1970-01-19 16:10:13	Name: __io_session_id Value: 2d6eb3ae4.48a93e67b_1613411427971
.redintelligence.net/	1970-01-19 18:19:47	Name: 8lcfmzhxc8d6_uid Value: 6b79517b4f6ad0df
.parship.ch/	1970-01-20 09:41:23	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj48b358a2-6fb6-11eb-8caa-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1676483425%3B%7D
.parship.ch/	1970-01-20 18:05:23	Name: NVI_FC Value: 01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID_TS%3A1613411432
.parship.ch/	1970-01-19 16:20:16	Name: NVI_LC2 Value: 01_120_60078_0001_0199_0001_empty_AF414915ID_GV1613411424.5529584.47fb2a8e-6fb6-11eb-8253-00155d53a129ID_TS%3A1613411432
.www.conrad.ch/	1970-01-19 16:10:13	Name: __cf_bm Value: 1ac81a6d5396a130e09abc1259e9730d25161705-1613411431-1800-AUML4uHeZIZNIvpSwnYCSLbXV8OgXpxIqfcy5kKflvxpLxCkJX9FUezDp/4zpfcun6bFB42hlP/yQbSqsl3ZPKI=
.doubleclick.net/	1970-01-20 01:31:47	Name: IDE Value: AHWqTUlSHMOiOuQQCQUhSA9eGutSp99lIhzwZeMjyFWc0g50iv3yo3ESumiPJ4X1
www.tinthethao.com.vn/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6InhiQUIiLCJ0c2wiOjE2MTM0MTE0MzMsIm52IjowLCJ1cHQiOjE2MTM0MTE0MjcsImx0IjoxNjEzNDExNDI3fV0.
.www.parship.ch/	1970-01-19 16:10:13	Name: __cf_bm Value: aeb1e43698c0978b35fd5ffa30889d0b9aeeb974-1613411431-1800-AVteVJQIsp6eOpNJ53LEKNW35YokVBLWFOYgH+CLCQHKk3AMIx1hT85/gwd7WFGsVGMvnBlsZT4sPCarr9kKSUQ=
.tinthethao.com.vn/	1970-01-20 01:31:47	Name: __gads Value: ID=e87848497c1e141a:T=1613411428:S=ALNI_MbMsMJdpCqWkz7LIc0nocFVPNNNvA
.tinthethao.com.vn/	1970-01-19 16:10:11	Name: _gat_gtag_UA_80588940_15 Value: 1
www.tinthethao.com.vn/	1970-01-20 00:55:47	Name: __io_lv Value: 1613411427970
.tinthethao.com.vn/	1970-01-19 16:10:12	Name: __io_nav_state42836 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.tinthethao.com.vn%22%2C%22previousDomain%22%3A%22%22%7D
.tinthethao.com.vn/	1970-01-19 16:10:11	Name: _gat_UA-47573206-1 Value: 1
cct.connects.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: 226u8m3ftnenvtb0mbg6u6ijn2
.connects.ch/	1970-01-19 16:20:16	Name: ppv1410 Value: 2021021518503127066045921X116827V1410150335BS31603600207147300710152011506012
.www.tinthethao.com.vn/	1970-01-20 09:41:23	Name: dable_uid Value: 85873990.1613411429638
.connects.ch/	1970-01-19 16:20:16	Name: ppv1869 Value: 2021021518503127066045879X116827V1869151989BS86781900196382800710164011506028
.tinthethao.com.vn/	1970-01-20 09:41:23	Name: _ga Value: GA1.3.686921060.1613411428
www.tinthethao.com.vn/	1970-01-20 00:55:47	Name: __io Value: ac512cf8b.561f7eaaa_1613411427970
.tinthethao.com.vn/	1970-01-19 16:11:37	Name: _gid Value: GA1.3.1428409089.1613411428
www.tinthethao.com.vn/	1970-01-20 00:55:47	Name: __io_unique_42836 Value: 15
www.tinthethao.com.vn/	1970-01-19 16:10:12	Name: __io_visit_42836 Value: 1
www.tinthethao.com.vn/	1970-01-19 16:10:30	Name: __io_uh Value: 1
.tinthethao.com.vn/	1970-01-19 16:10:12	Name: __io_d Value: 1_705468254

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://embed.dugout.com/v3.1/bongda.js(Line 4) Message: dugout: TypeError: Cannot read property 'dgt_ltm_auds' of null
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=1613411435780&us_privacy=
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.tinthethao.com.vn%252F&screenResolution=1600x1200&kdntuid=1&vwndh=480&vwndw=640&vwndurl=https%253A%252F%252Fwww.tinthethao.com.vn%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-15 18:50:36&ranreq=0.29293021547926323&timezone=1&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:PM AdRequest Time: 0.927secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Ad Error Time: 0.929secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-info:Total Component Time since player call: 1.016secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156957&siteId=789540&adId=3409401&vadFmt=3&vapi=2&vminl=5&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.tinthethao.com.vn%2F&cb=3411434821(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	log	URL: https://video-ads.rubiconproject.com/video/bridge-31030.js(Line 1) Message: com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=16106&site_id=297052&zone_id=1497156&size_id=201&tg_c.language=en&p_aso.video.api=2&adtype=video&p_aso.video.ext.skip=0&p_aso.video.ext.skipdelay=0&p_aso.video.maxduration=&p_aso.video.protocols=&p_window.depth=0&rf=https%3A%2F%2Fwww.tinthethao.com.vn%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=260&p_aso.video.ext.ad.h=146&width=260&height=146&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=5851588453994425&rp_secure=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a44b53ba2e0040ff9b91646f38e8d18.safeframe.googlesyndication.com
a.sportradarserving.com
ace-sync.toast.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.dable.io
aktrack.pubmatic.com
analytics.ad.daum.net
analytics.yomedia.vn
api.dable.io
assets-jpcust.jwpsrv.com
aud.pubmatic.com
c1.adform.net
cct.connects.ch
cdn.jwplayer.com
cdn.onthe.io
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.media.net
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
embed.dugout.com
entitlements.jwplayer.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gov.aniview.com
grid.bidswitch.net
hal9000.redintelligence.net
hal90001.redintelligence.net
hal900012.redintelligence.net
hal900017.redintelligence.net
hal900028.redintelligence.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
media.tinthethao.com.vn
mwzeom.zeotap.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partners.tremorhub.com
perf.dugout.com
pix.impdesk.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.adhigh.net
rtb-csync.smartadserver.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ss.yomedia.vn
ssl.p.jwpcdn.com
static.dable.io
stats.g.doubleclick.net
streamlyn-d.openx.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tms.parship.ch
tpc.googlesyndication.com
track1.aniview.com
trf.greatviews.de
tt.onthe.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vast.aniview.com
vid.pubmatic.com
video-ads.rubiconproject.com
videos-cloudflare.jwpsrv.com
visitor.fiftyt.com
vpaid.pubmatic.com
www.adtracker.ch
www.awin1.com
www.conrad.ch
www.elitepartner.ch
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linsenkontakt.ch
www.parship.ch
www.tinthethao.com.vn
www.zenaps.com
x.bidswitch.net
aktrack.pubmatic.com
cm.g.doubleclick.net
image4.pubmatic.com
pagead2.googlesyndication.com
rtb-csync.smartadserver.com
103.90.220.90
104.109.83.210
104.84.56.214
104.84.57.138
115.88.123.125
116.203.211.59
142.250.185.66
142.250.186.66
144.76.91.199
15.164.190.193
151.101.114.49
152.199.22.243
159.253.128.188
159.65.196.12
159.69.70.9
178.250.0.163
18.159.182.76
18.159.228.25
18.193.144.52
18.195.193.185
18.211.56.72
184.30.20.198
184.30.20.241
184.30.24.22
184.31.88.106
185.29.133.199
185.33.221.87
185.64.189.110
185.64.189.115
185.64.190.106
185.64.190.75
185.86.137.131
185.94.180.126
188.40.114.5
193.232.148.159
199.232.137.44
2.19.34.195
2001:678:cb4:bbbb::11
203.133.167.207
203.162.2.86
213.155.156.182
221.132.35.178
222.255.217.231
23.196.202.183
23.67.134.226
2600:1f18:612b:4200:8331:bab2:3072:ce38
2600:9000:2127:4400:18:681:2880:93a1
2600:9000:2127:ac00:1:a3fa:7cc0:93a1
2606:4700:10::6816:1957
2606:4700::6810:125e
2606:4700::6810:9cf3
2606:4700::6812:d25f
2606:4700::6812:da5
2606:4700::6813:ba79
2606:4700::6813:fb79
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9b
2a00:d70:0:b:2002:0:d91a:365b
2a02:26f0:7100:184::2c79
2a02:fa8:8806:13::1370
2a04:4e42:1b::626
3.126.56.137
3.35.249.226
34.243.35.122
34.98.64.218
35.201.96.126
35.244.147.96
35.244.159.8
37.157.6.247
46.4.10.49
5.148.168.135
52.28.254.214
52.45.78.137
52.48.123.100
54.228.114.223
54.93.141.230
66.155.71.25
69.173.144.138
69.173.144.140
77.243.60.138
84.200.5.215
85.114.159.93
85.239.105.10
88.99.165.19
94.130.102.164
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
0175593691d5cabc8193b916facee8ff24b33d5c9c758e08b65a614f70ff2a05
02a94215980e0a9b1534964bf8c1fe26b45710405f9e0c9ebfab99ee961bf84e
02e0d85900e2086c4202c09fad005daa5b0b66cafa9e139b59053ed6099376cc
0339b3b036d7684f08d556a3f1c547c376181e15f7ac31f622432adb0e13a8f7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059776a7d8a81824dcbedbdd3c140be19c504759946203f60ad391b8e9a59ed7
068fbcfe2424b219e521f07a2badd86cbc82a3739fb5cb0aff8b8b592aecb9df
08a70f1d016b7b6ff862da250b1900e641dc5e62622d80e7bafb42d09daffda6
0971c3544369155f8d026b17c6c27f713859148d03ed9f347ea21252c03f4e39
0a5affe1a2a77f2900eb0bec4bf56eb3194bf6cd38daadf16072fdef3a5f7338
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8ca1623acd98684d5e22a539cf1fc6d904cd32a9d5f76b0e1023695d6ad1db
0bc399c514848ed792142c907adeefdc46f9bf2b455355e705082c7bf3640fa0
0c05d15626c1f368097607b5fd1988b535f51bfad242bc8043cad906b220e98b
0cc21f9a374b591dff2869c4188e7fe2e57cfdd1785887d19e975a018430d4ef
0d9b51e1b7d099699c240f12c7ab9fc69bf1b755c5386ca73801cc58f56d4622
0dc98ab7a742755230df9083cc4e90f690d4db1b84896aeb59d2daf4808a6fcc
0e203332bdb8a0c387ae96935481aee57996419bc60598b9162b841d7bbd9ac0
0f4a95f76c4cbef88776b1abc7e81c8349783352ea6caea5b135c4f6e2e1cd53
0faea42fd2cf2c8521ff64decf455a422fae2bbcbb402f376b0f1f363fa61d9f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13322430228da8f3fdafb63d4930e4daca96f3eed9531b6b34d29f73875d1248
139256f257d37dcf690eff4cb18e134871fba6c7db08a08491553ba8ef50e540
13d8399e7533f80b63ff5d6e27c8ba3c282463902291fe0f8bcbaba76266dea2
15193fcc70cd8bfa55fc79d6ea1c07808abf922087ba4476a896ba32a8b86135
15e4676d8a2d96ab6bd8192d7bd6b01364d2aa44763927eea2aefc2a362120c9
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
170de5647ae37bbc876f8ab220d3d7d3a8ba02acb9eea4418cbe824bc851a2b0
178bf2dca92f3b90869e52828a84b1203fa46fdd7b3fbaf0c9dbeb734b4658bf
183be476f6994871bcb37a3f978674e6ba8ae87ce84b9d268ddc298514b15cb5
18587f12cd72ab563f2e7aa90bdeda9b0ce1d9b196f32a9c459725664c73d19d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a660d77e7cab82d4f18bed0366339657fa4d6df6c16a6d63920b65b5e774cf0
1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161
1e280b91a7adc6e3a5c309c2915f1c18c4e1c90a1b3c65e9ab09081e7d981100
1f4d24e9a5a27461e967bc44c8f16f7e050ea758d22463c59082c491ce41fe70
1f559aa135d5a63964e812c857e7faea321d9f40948eb4188a1e270d3f198d7f
1fdb81519d1097a29a788257f0afa5c2029e07c37917dbf8b8a2cfb520e99071
20ee94fc84c80d403d1c776a988a756656ba2611aea9c3fa76bdb57cf73093d9
21040973829f81a2e5fbbf8cb5ec81f8a4f335e6995522722cb8162e913cd795
212a5e44ca5b6b55efb74cfa9c1b557faa09036b54aa8c094558d924ae15c8f9
22d16d512c307731530cc57b14148c34f80e541eaaaf0221ed3e4a372e8e933a
22e2d12b5bb8f9955039c9bc2b02308c176ffd7b3f93304d232076bcd51f7896
24809915b6c3835b11dc7733ef56225b4d0559e40231c3ed30f7e38738444ef9
258810c69182ea4e728e3d2852dab24685356af647207aa6a4f85ec8f1460519
2600e99d77be0a3c0c4a654adfd43b3be06f7e6de54db1a5222ca2df93098d03
263cdb21b4793bf236111dd8b5b839ab92268532c469c0cdb9e4cdb3066b0bfe
270487837b123af09a5708fb9aecc1de75caec58291f0644971f6c457fa9d391
280e124ea35e5b0b98c7f71e9d5e516cfd6ce96ea30e42a92c49eb41e975dd86
288a77d469c1b48182f9f651a2eacd5c24e294ddfeb424be8e94ef1faa8fb0b5
2920caa8d3d8f2ce29655d5f27a64e08d2479f1dc2edce9ebad60f6563274c17
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2
2bcf26566211c926eec5d81ca2fd779f373a765c0a1555f6e05fdc6d783b9efe
2c117decc1d8a284b837d08ab7b3215cab65d09848baa1a03beebd69d7b74074
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e048f56182b1ee3e478b98d44a85a323de8e791f7f4c432e783ff159720a821
2ee19371ad012893f5e8c4fb41fdcf514f467616c7f998a075dee344a48e4f4a
2fa17f015cf277da3cb447f44056e23f82f0dcee8cdd706932b4c16041a75d7a
3187ad8dd92a7b9980b5a871f1eaa4d1a0a52deaaa04d7ddf83e4fe839467f4e
31ee2543aa4d659fe783017c93f7a40d58faf6c3972ebbbaae9070e34d0c9dba
32156bf045f055c2b8d2138ce191eab9324c9a22c32e3527be9a9366f9372969
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3479dbcdc4d6d4b32090a258d88ac982bb0d714dbb574211d4ac7146b2b2be78
361af67dd8fb835b31ec8c810809a4ea07c4dacbf8571b3387cb637429e3c12b
36213828ced246a1cf0a48bd06cc47a85ab14362cd629c02bd1afdebfc76873d
36a6262efaaa8946f2468eaa165c96c06aa520b6eb3d7fd2130b63b925020925
3a11c67e2a4dd13714a3edd0101052896ee090c08be63c40bc3c9468466f749d
3a5df63d2e9daa0b0bda394916c07cf97115ad1384db756d96d7d49096ab49c8
3ac7ce960fd46569a2ef11c8b430f34117a6019595bebbc5ba7390338815836e
3c470145ec5a0e138c286bde1be6224cb9f3ae02184ea93106db792a4ba72c18
3ce16951ea7f0e31cba5511bd917e4e9839de2f3bf0a6f4cd34d3466fa72daf6
3ce5deeb309b9a633466cd6cd488196e9fc8aaf8b8f55e0711cea0f6c51b8fe2
3dfcf076a896cba9d38603c426c463afbd39d0651a752eb787e5a5908297f541
3e8c12fcb762598984ad186c27da4ab7c4d6c3813416ddb9b0c754819739e3bb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fbc8a3e6e0f25a9daf0bf0c545350fae5c2053f86c9806f2ff09adad2a182b2
4041728fa75c0c0473909ce77e10083124f8253679c712f27015ee59f03f90e5
40a1c1bf206e4bccaf0a756f002309d29751f2cdcb893781cae05411b19921df
4120d98bdd02303d387b5869560b10a661da21a8a0fc1ae0c1ca7501826a9475
4277f5dc049283ecf5e33814c38c88d18b2c5d059b481123b28829747a383c78
4433714910f3c322cde48fd16b6bfa477a5a38ce803a3c9dd59b4babe00c8085
48181a8d27eb9df4c0fd940dee0b74eceaf5a74d38a468a383611701785ee225
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a23e303f7c6c67b3bd6f1093da365537f0d74126f997f2820e320599c8329b9
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
4b1d4ea37cd015a22a5720e4e4916d54ad57a86c181eb26adeb5fb2ec4d403f3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7b4d87f414f0760e70f1ab82298dc30ca1e01752c77f1f368c20b7008053ea
4be142741d327cd1da41abb137cf286e37aabe87e6ecb140b317ec234e77fefb
4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800
4cfc379d7559b68dbbb278caadd1c7a8e49a07443bcd27336e434d21e9d6acec
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4dc9501fc7c3d995325efe579d708bd38c7eba9dd9e4fdc7ac8698c8a5f33984
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37
4e1cd30adf93dee9246c1012a0134053bd7c71b45f69b788216b1ac1e7d8397f
4e7675e0d22d3ae99502b08762265f77c83073848d9682d3a29a66bbb31a701a
4e81b7dc1bd37349500dfebd560874872b8c38a2e54ac95afa114bebab559254
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515c36242aeba6b503eab704575caf6f3c811e2cd304de8bfbb889a23fe9b85f
52ef88ab52addcc358dc551f2e36416ef1a8b80bd2016319aa559040ec8fa2c3
53bc4331439f779b215d1e00795e09d2e50d3c6237a801322e7ce352d8d664d6
546227e8e1db78d6026dfc3d342917673164ae94859086b43f8866257ecdcef2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ba4ec827a361281cd0823752e458be5ef4e670a0833e5b96468e23c068cbf7
54cb4462aaa70faf025828b8836cbadac37add5f7c78864e4f8d965049d5f2a5
56141609b7b2353e822e3cad4f3a6cbf9597ee0a99d5c430c8bed9f61ae429e1
563c5eff66f0c438c9576b188a003b5860596930ad5f368b1552f75a0200d371
5699813baeb7c890c710b525ef745258c14aff63a429dc2d8afe9b765a9beedd
56a128c37d9e1e847091746e7198c3cad056054b2d98b2e0b136648c435ff6d2
573241f7831e15a26c6445601a2efbcb5cbf5106db270ee7dc68d5fa1d5eb041
5815a21b92e56985d2efe5b91ffaae0872c46a9f0a328768a0f5bbf2ef22bc47
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
593b5ed44251396a7e684097782e5f5a2b24fff33e4c5ad2aa4eaf9f47f7cd6a
59d3666fcf3accd1ff581a9a5d3b0b3c98dcb58ba34615f43f63de7f04175578
59dd470a8b8294ef5cce727f165283cc87a7adceb912ea0be74ff32ac931e583
5a6558ecf886b839d4de2bd8297690cde34a87f4eb0a64673c76f9a8fd378024
5c7100186822f0edc0758527b6d020fa7ad352dedc61a4720bd331f1dd7e7edf
5e01d86ef97a0e65a76d2df92761e53114fcb63bb3eede1edad17e4aaf57d527
602f26bc03eea2889b014f131aa0bdb409a6f87a86fc1be2c0df4142271fbe8e
604acbdf7e7820f9ac582b0352c0e0faa61b0b455e4658c2d87bfa61c5512dbe
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
612a4f0a8dd30506cca8fab43b4ad35e850466927cb1b16920e431e4ed776e84
62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
649c5a9b94b940ac3fb0be1c806b04bf3f05214ac18fe9b49f683193cd1b3b45
64c9148829e9919ccefb53d2bf70db17c7566b53f8daa05abb35b3d06a633800
65d09315233f53e15bdb0ec1e963544ea950ad9c1d18accd6fe12b6abeb63d88
68454eb46a5dcf67b286a612483d2ac8c73512a448477fa9401606de426a8ca8
68554b471617d6d1cba3574508a526053a358cb7116c682a72e3e6cdc7d86b38
695c8e89ab595e79ba710cf65ca87055fbe9f88f2ae142fdd8a522e75608d968
6a03aa20c736b63c5e4e4964d00495c022b76f7a6bdc283f1014f06bfecd089b
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6a4b7921a535cfefd0cc9387f30fa8a852249a84aa509d4e4f6d707ecd6567bd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5db5894ad5c5e22b11348886a247e25ee072c7e08df8449b4564b48d5d6fe7
6c15543164017966f4b8c08377fc6612665682030fd83a4696bc6640daa9cd16
6c326c3af608f018d6583557fdfc222fed2eaf60456724a4a0900f49ef1e1d91
6cf61950f521fd400fe34d5bc708dddf700f9eec48a37df60824ca789aaf0018
6d230bb660f1ee348cff9edadd47bfc8d04d9d6af0bb691d1eb7dbeaf8c1eb20
6e3de2df57e1d59629a74b8ccf64dc347f4c42fd2f33e372d8155c14722126a4
6ef81792f7482dd06ba78037c906acd84db33cd53928b7d19c40386ecec79134
6fdd9a4a5d49b517193b7921783fafabbf52ad6580f4e406a522774005a63c11
713695d49b59e0d89b1b471813448fa835e896b2846220880ed2e51bd53ea832
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
729a5f58e5c687f4b964fdfc06abfff1497bfabf9161ac45f3128cf6b969179f
73a7d988d8d7d6b847db6070c318b5707be094ef3b8cc18f77e42e8d07dcf4ee
745743a8a9e6474567849bf25a3aff52237b09f6fd04047ce46c5cb606ca62fa
755af32ee858e1c11ee9e1e81e29655ab3f14f6f2f0411366493e00fb54922e0
763a6a8cadde20703ef872684cd59884720256402bc12966e8fa380f4cfd8be0
76dbddf9690e35248d11a26bb9fae8d8cb0ebfea1bdfdcb2b371ee5fb580b037
77228179c90f1df7d2899e4a83369af39fc7f84472e3758c2ad6b22813a2678d
780ec863fd97e0a7d657bef2d59ed437a7eb5c4f165365006127fcbc86f8be3e
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
7ac45ba7390d5dc1901dadd50c4a8e45e0e377941eb30a0bd2e847efca3c8e78
7b7b7b97bbd15571ec3f846c06cb6e92942cb43e7ffb7bbb91c0c5847b247daa
7ca2343e287df31a4fccca56313ecbd94d8d4b515f6954d8e4694ff3d7a4f30e
7e473ad8e516170972fbe5c4760bf81cfcae18b065d87651ac534509daf29824
7f8fc8ff8bacccb5869b10a96a29a2508421c5d3f3c1f03a5a9b978c41541711
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
80b51edc9434a7bdfdab82f59656de7d56f95c0512a98bc27e833df790c81bf6
81c260f6e9ff90472c2edc4e440cc8dac22308c68ca7a09344d2c02ff8cb7d94
82882638e334246917a373ad0ae7673f26b9476572b95c1b0773f4d8bba4288a
82d5c7430883ba8663679b5a21b77acc686dfd23176026f2a60a12f975d0853c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f62928f16953d39e36ac4b5d9802c3bf4db5b295fbce8fd4cf10992738c0bd
84216ef05b22b7d3e24aa42d78e774b0e28fdb6c759637d0da1d18cc659da02d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
876cfd75830546cc2ba6a38213b34365cc42903e1971862537b1ababd3f77561
890ce805150809a6528f142a3475d83e14b8216f3beccfe0bfd94ba8a202da45
891a3f290e6f010bc48053a7d5c820c8c6e85ba9d4212ea2d55741285e43795f
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89d200bef78ea86afd351013402e0904f5bd2bec56baf3422d16f98c66d33b80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa540c1f7efefb32d013bcb5ba31dc24f4fa8e33cc42d7ec75ad365db5f9fbb
8af6cb5c3e27168ac25e648bd9434564c6a14cb086464e4b0d7f9ccaf313f511
8bb541b69554c2b30196543bcc5d263f297473bb0737a535c6c5872f9cba5772
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3da01cbc539c1c140f2acd55c1ecd78af718a99a0707737e05a86e8a6d6df0
8d4c814862e6b6d2d0a476465250b9f64f9d756eb5b5d09b07786d4e5237e81d
8d895000ee1ba62251ceeab5a1d3ab5e0fac8608079a8a0f99d6970f8ec6d1fd
8ec125d86a1c7ec76fd4f87b08b81281410b8701688e4284c42413246df0ce83
8f3055562da52f96e131e0501b3d1f4aa87ab9a375f79c5a9d76f4a9dcb11493
90f423f7f7c23d28e39caa0ddcb66acbf53988a22bd44e4eb55a524a934169f8
9224040d7a59a793ef0f7acec349a383d6df9dcb72c451ca0f458ae7e0bd8b90
92ec1bacc8ef133fa936d016ddb3799edaab93f68246fd01ed3927e8cb317240
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
9496ed27ca5b2d8776194a379201b981663f915a3143917dd6a42ce86ce95ab1
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
989a6a36d38997489d25ae66914d6378576296718749f4b36e96707b07a9d58c
99b2730345cc7c5c789cd76db7de538620cd7d3fc633a906bf0dded9b2e91ee1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cae3b3f2b233ba32ba6dbcf88e29b72ed608cc9386e9c30480c9f931cf414ff
9cb87251629b2b163de1d7f1d20c65453ac26170909770c044cedf7f63fb0673
9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f
9f42657eddfb2078f946db4672ac089931aa8a55587ad36578b271361ae19ab4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a86127dd00d4c60852d6c02f097b66a50b630490cc51d82a85c62f0b0c3052
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2f58710ab62b290073188aba214d74efa5b84c4bb5b0f6d46a82d1f93068919
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a41a85ec967001520ca11a2c317a09dc322d16d00faf4af1d4a75b4de0aec0bc
a6172f0b9ed4814026427819a791a90c3a8043b1f77c9b875000f555ceb8aab5
a6926fbab66c866c87ba8b283e15e25826b4458b2acbd86b546bc03ed050e221
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73b5ab43cf666cda325f42da8e1d9079fda00292b93b94ab4ff76dc38fb7fa6
a79029fecda2e3b5657df9665e07f8edf88924eca8268c3aebb63289b376afb5
a7985fd3c7165c368c96f0c2986d7bb358c9a45c171c773ef21a2c6dbeddc96a
a7ce4512e02fd219e86c8a410b90432c90bd8657fdd8fe405b268c683a9bd20e
aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998
ab2f3a14a5af06c512df3aae49da2e7242eb47ac26a77a93d34b0dec824307d0
ab92b195b6757e822847810f0c2c7299854b5a90cc683bc334d797c398397657
ad75010e1c621f431c2a1644026c64b4963d48d9260b45366de272815e5e260d
b00772a2ba933c3056e9b3df269f94e36a71cc27b4e6f84e3c2bbaee27a0e04c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b660df3a508a2b3e0c8f56d5a50616f630131b7f78e1543c778c2803f23ca8
b2a4b0d954e5af56988ae5f9346629211ce3a3d2fb99a75b360d1acb30ef6c17
b2ca6ce09258cca5101ae2044572537e942d84b30c29212f9816a99d6acf1017
b36da81ab1dd73219eee2f1caaa914c7fc4a3b6fa4104fb086e459d28c0906f5
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b48cece69d5c390645cb31de27d7b3ad244b811a95caadfd0c35a31b341eabaa
b4f32f7efa0288c658cda3fb09ec379791531519711d13bc871549243907e8fa
b51f2d8aac7391a43750f8daaca6a0467d572de947c8fb71de1c98ada78c0f08
b60bf26093b15366e1cb4094084696ac6dedc9e185dc1980a6f7bfd2e2c45abf
b7090c0cca6e3b98541429282f027918c911b36b080008ebb20827f3eb524726
b7e3fc312937085645380baa78d0d6382dba0e5a67dc0df71934e98d6a7d18ef
b9b49772e65e0417b6e33e047ee91bc1175bfcfbc7fbd606f23d5a7a5778df4c
bafbd03ea0a875395443568ce70a208521a6698eb2a8201bff38938c1e608c73
bed4879365b0815d9418e3b4e0fed253962293362fa41dff7ebd06354c9d5559
bf460d887a61227ff59744f65646ae69afb33bbb2ab46898e7bef4b39337dcc6
bfd894018e1d40f9cfe5ca6db1279fd64e97a525497cd2505571565b6946d31e
c00083536895cc24bb0f25a9c9628843bd44400a5984a7bfed6cede2ae3d35db
c0320f0b1e487888522b44765af4556ef289e22af7bf841242970f216c4a5a83
c11fb9ac4922e75ae9e0a017f41ae36febd8a185834b7bb608e9049ebe68da62
c167c4f40ef6b82992282db580e857b5faf13028ec44ffdd976315e8e8dc7ad7
c2253fe3333813956d7c9fab728b3662769301312193fdeced6806e34503ab51
c2b800deb2f80985c6afec31b2a0111958cbb223f2181c1a2d6adedeecb63998
c54ced20427b4963319aaaeb78af233a234162321c41eec6017a9d1ba40c31d8
c6674a49a1ce0f1098025614223daf6d76c9c32bdfe76b3bcf1134122cb380c2
c67fc26eb61a9d0377f6f375864151ee5dad1c6a130eb953bf68851c721467dd
c701c8c825388bce66e7b88ae648ead12d822eacdd527275122d13d1a97989cd
c739473a419182f3606c27434dd7a1321fda96760ca01fedbbdc9e406a98026f
c8a86716505918524f27a25b2a9192cdc958c0b267a7b0c69bbf2aafca7350f8
c8a93c18d175d09885c18794275b731477ff229c66eb3d194d65d0a180d85452
c8bc9283e8bbb60922a328c573886f928b759768156548f285fd8c062ed503a9
c8e3333b478cb83b318b8df4f84751af745593a1fc8cc59431e980fa4da23d02
c9f2058501781dddcbec34fc68abe721eab585e9c6ee0803cf9bd5abe7ec772e
cb3caabc3addd6eaedc8f1561e985e4db366dfdd7a598b48bd6d30e27156ead9
cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec
cea231eeb5e4be804f2331132480409aa44257df0f5ccceb32f4a432556aa1d6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d061263c3ecef282e0bc18216d7cc5018e60081705a095ff4a460c8198a0c2d1
d0643bc9da1b3a8a07e3d923c8a9d5d991daf16f4f43b620e7cb705d56009a2a
d1d0b7954da7a6ea0747050ca2c11a7998f05100a627bbe6c5a35323fde64389
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2ae322c8a209bf596fa545196b13c218e929ab288fad47ef7037fda8afe31be
d2affeb3b55470c2ae097bd24d99a147b3f4f15e5dae11791ca65fbb56a7f588
d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9
d4e9198352fbd31bea1281d71242cb6d7ead832aba9dc03e0c2ee2b297298108
d4ea9ac69c851abe1d3d88cdfeff53463572bbfc448da01269cbaffdffb3b167
d5a4535e0d039afc2c84ab8a89dd57dcee470cd0f2d6bd92d1fe59782af18320
d6646817db7adabc09fc3385dbdb4f6c099f8d89f22e47942dc47849b6b314f2
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da383cd0d1854b8c57d5a98ac28db6492422521d7be8b764dafaaef62d0b0e0d
da9ad85b06cb9c691fd6ada15b0b5e490a757f10be640e2d9baa07169d0c7e12
daff2a3cd865d5f34ae7a6ac0a2ace1fd4d87f5157c5d3efe7ed86e049c91fa5
db165c879c476f6dde29ecb57f8bfb5eff1678c844694722bdc051d26d2edd03
db6098250421a3e3bfd388f05bb99279cc7e1a0cdc6b85990dc56e2a0f1cd3f7
dc1360d953fefbf534b9cb5f0684934c06b7572679043b3399aaaa480d41b31c
dc7b46770a1cd45ae7462ebdeb45c5fa369a0e0b43e703d6b11f62da4ffe9304
ddb7f60d92b89ceafc1d6a83e672b00e8195e4a4e3028b67315597bc59180168
ddc17c931470859dfa899364e3a7789f0dd7561ed79614ba13e8b825b21695ee
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deed6a6b4c43763ee1330f0085ffa404fcb6a56662c66ef18c3c82b97f606e03
df22a55559f73af73a6fa0467742ca5ff3eb2d6908e41cdd392fcf71e64fec46
dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b
dfa0e17a0c4971d79add9cf1d7fd45bd753de391853a1cb4ce4d89e810feb14d
e138cdcf488c06f326b112a2f26561cf4c27db346cb7f22d850404f9db4c42a7
e170994ff3cde2f7782920f2e6930fa8ab8a65949535b16e076d4c711573de94
e19d988dba0874a0f16dfd1a896e49a1b933470dc7090596bbb221257b448d89
e1a94715be582708ec5e6fa222cb6542b797ddec6d07cfb17db69a8ab734c885
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e48f7de9f4f0a098fc743d477ffc95125f081ca426964b11a20460a6471c4e4e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8917955beb110a600b9196c614945d6c1a4df8f10a6d07347b4952f46ed3252
e9930ca0b4f506945202556e1c0fe27bf63a3672223d25ece7012241504d7f5c
ea6a17b03adfaa055742a4ca247f1ad1f376d32cbee4a765ac2172a36df020a2
eabfba4bea70cd69f6f08d60e233d051ac02ec3b38e7e2727a7500353420463d
eb18d854b15239fc134d2015b2f97e5470e2030ee0ddfd8a8ad2360acb8896e8
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
edbc64751c4123ad95fffb524a475689b7a8f3d373b32b21162f6a2f5c25ac06
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb06d2d48721404d23c1f20df010d1a12762ccc2811241a2c79fd586441fb66
f2668cd7f0a5b5880cd4b038c30bc4677d6cabaaff4658369ef0cf779b0ae2ca
f26a1246ce0427931d9a7d6142c6c59a3238cb920996b310b3e023fa9d3628f3
f4127355ac290363de8507cea422bf5505963d5334ff120e908bc21b35df1287
f4449213aa4e94ffdf10cd408b6735c07b06ec92c849f9a96fd3506415b53d1e
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f790a3ed7beb9510e977cc8a31b0c1264fd10694033498ef6a86f2effd13f262
f7c08a6f1488081a5e7a6999bd734810dbe6e9743773514552acb04412ced2db
f9bad6acca2c3aef0c73a337cd6d0cd25436e3eddf6fd420658397466d336446
fa81764522fc5b3f24fc65ff1147012c4b296557b077b4a1a0248899babba4bf
fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
fdf7263a9db74a048052b867fe0408c151c034dd361288d4032b56586eaea321
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.tinthethao.com.vn Open in urlscan Pro 203.162.2.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

600 Requests

99 %HTTPS

32 %IPv6

72 Domains

115 Subdomains

81 IPs

13 Countries

8647 kBTransfer

18637 kBSize

36 Cookies

4 Outgoing links

Page URL History

Redirected requests

600 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tinthethao.com.vn Open in urlscan Pro
203.162.2.86 Public Scan

Screenshot
Live screenshot

Full Image

600
Requests

99 %
HTTPS

32 %
IPv6

72
Domains

115
Subdomains

81
IPs

13
Countries

8647 kB
Transfer

18637 kB
Size

36
Cookies

600 HTTP transactions
12 data transactions