k8ccwwesx.store Open in urlscan Pro
2606:4700:3034::6815:4df3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://k8ccwwesx.store/
Effective URL:
https://k8ccwwesx.store/indexdavc.php
Submission: On May 03 via api (May 3rd 2023, 5:50:11 pm UTC) from US — Scanned from DE

Summary HTTP 233 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 32 IPs in 9 countries across 36 domains to perform 233 HTTP transactions. The main IP is 2606:4700:3034::6815:4df3, located in United States and belongs to CLOUDFLARENET, US. The main domain is k8ccwwesx.store.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2023. Valid for: 3 months.

This is the only time k8ccwwesx.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:d509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:303... 2606:4700:3034::6815:4df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	123.30.242.10 123.30.242.10	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
16	2405:f980::1:13 2405:f980::1:13	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
8	2405:f980::1:10 2405:f980::1:10	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	123.30.151.76 123.30.151.76	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
21	123.30.151.88 123.30.151.88	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4 18	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	3.126.13.24 3.126.13.24	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.94.102 3.125.94.102	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:211... 2600:9000:211e:e600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:a6ef:9034:ef93:4d3e	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	123.30.151.81 123.30.151.81	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
233	32

1 2606:4700:3034::ac43:d509 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

k8ccwwesx.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:4df3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

k8ccwwesx.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 123.30.242.10 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

gamek.mediacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vccorp.mediacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adi.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2405:f980::1:13 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

media1.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.contineljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2405:f980::1:10 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

static.amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deqik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg.nanda.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.151.76 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

adminplayer.sohatv.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 123.30.151.88 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

lg1.logging.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.243 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.13.24 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-13-24.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.94.102 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-94-102.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:a6ef:9034:ef93:4d3e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.151.81 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

fgp.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	mediacdn.vn gamek.mediacdn.vn — Cisco Umbrella Rank: 698532 vccorp.mediacdn.vn — Cisco Umbrella Rank: 336233	2 MB
38	admicro.vn media1.admicro.vn — Cisco Umbrella Rank: 49476 lg1.logging.admicro.vn — Cisco Umbrella Rank: 40623 adi.admicro.vn — Cisco Umbrella Rank: 66376	211 KB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 137 ade.googlesyndication.com — Cisco Umbrella Rank: 290	1019 KB
33	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 352	96 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 292	901 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6386 adservice.google.de — Cisco Umbrella Rank: 9108	2 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 945	1 KB
5	amcdn.vn static.amcdn.vn — Cisco Umbrella Rank: 58906 amcdn.vn — Cisco Umbrella Rank: 37509	17 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 299	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 211 secure.adnxs.com — Cisco Umbrella Rank: 406	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 523	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	16 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	222 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	248 KB
4	k8ccwwesx.store 2 redirects k8ccwwesx.store	21 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 753	545 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 608	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 699	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 318	973 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2267	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	98 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 810	134 KB
2	philacct.com static.philacct.com — Cisco Umbrella Rank: 103049 fgp.philacct.com — Cisco Umbrella Rank: 66453	15 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 328	6 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428	757 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 725	444 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1258	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 740	711 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 479	872 B
1	nanda.vn lg.nanda.vn — Cisco Umbrella Rank: 66583	464 B
1	contineljs.com static.contineljs.com — Cisco Umbrella Rank: 54759	4 KB
1	sohatv.vn adminplayer.sohatv.vn — Cisco Umbrella Rank: 57630	10 KB
1	deqik.com deqik.com — Cisco Umbrella Rank: 79119	13 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
233	36

	Domain	Requested by
54	gamek.mediacdn.vn	k8ccwwesx.store gamek.mediacdn.vn
26	pagead2.googlesyndication.com	media1.admicro.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net k8ccwwesx.store www.googletagservices.com
21	lg1.logging.admicro.vn	k8ccwwesx.store media1.admicro.vn
18	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net k8ccwwesx.store
15	media1.admicro.vn	k8ccwwesx.store media1.admicro.vn
13	s0.2mdn.net	k8ccwwesx.store s0.2mdn.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
10	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	partner.googleadservices.com	pagead2.googlesyndication.com
5	www.google.com	1 redirects k8ccwwesx.store googleads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.facebook.com	connect.facebook.net k8ccwwesx.store
4	connect.facebook.net	k8ccwwesx.store connect.facebook.net deqik.com
4	www.googletagmanager.com	k8ccwwesx.store deqik.com www.googletagmanager.com
4	k8ccwwesx.store	2 redirects k8ccwwesx.store
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	stats.g.doubleclick.net	deqik.com k8ccwwesx.store www.google-analytics.com
3	www.google-analytics.com	deqik.com www.google-analytics.com
3	amcdn.vn	k8ccwwesx.store
2	googleads4.g.doubleclick.net	k8ccwwesx.store
2	onetag-sys.com	1 redirects googleads.g.doubleclick.net
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	static.xx.fbcdn.net	www.facebook.com
2	www.google.de	k8ccwwesx.store
2	adi.admicro.vn	media1.admicro.vn
2	static.amcdn.vn	k8ccwwesx.store lg1.logging.admicro.vn
1	ade.googlesyndication.com	k8ccwwesx.store
1	fgp.philacct.com	k8ccwwesx.store
1	ajax.googleapis.com	s0.2mdn.net
1	secure.adnxs.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	static.philacct.com	media1.admicro.vn
1	region1.google-analytics.com	www.googletagmanager.com
1	lg.nanda.vn	k8ccwwesx.store
1	static.contineljs.com	media1.admicro.vn
1	adminplayer.sohatv.vn	k8ccwwesx.store
1	vccorp.mediacdn.vn	k8ccwwesx.store
1	deqik.com	k8ccwwesx.store
0	sync-tm.everesttech.net Failed	googleads.g.doubleclick.net
233	50

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
gamek.vn
www.vccorp.vn
www.messenger.com

Subject Issuer	Validity	Valid
k8ccwwesx.store GTS CA 1P5	`2023-05-03` - `2023-08-01`	3 months	crt.sh
*.mediacdn.vn Sectigo RSA Domain Validation Secure Server CA	`2022-07-02` - `2023-06-15`	a year	crt.sh
*.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2022-10-21` - `2023-11-21`	a year	crt.sh
*.amcdn.vn Sectigo RSA Domain Validation Secure Server CA	`2022-12-30` - `2023-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
deqik.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-28` - `2023-06-28`	a year	crt.sh
*.sohatv.vn Sectigo RSA Domain Validation Secure Server CA	`2022-10-03` - `2023-11-03`	a year	crt.sh
*.logging.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2022-06-17` - `2023-07-18`	a year	crt.sh
*.contineljs.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-14` - `2023-09-23`	a year	crt.sh
*.nanda.vn Sectigo RSA Domain Validation Secure Server CA	`2022-05-28` - `2023-06-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.philacct.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-14` - `2023-09-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://k8ccwwesx.store/indexdavc.php
Frame ID: B680C5947B889A5DFFED5447731DEAC4
Requests: 126 HTTP requests in this frame

Frame: https://lg1.logging.admicro.vn/_tracking1.gif?dg=78550e439b1a87e578b51200a1bb5622&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.store&cat=%2Ftag%2Fgame-online-viet-nam%2F&g=0&i=s%3B1683136201498%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B78550e439b1a87e578b51200a1bb5622%3B78550e439b1a87e578b51200a1bb5622%3B%3B-1683136197189%3B0%3B0%3B1898%3B84%3B414%3B-1683136197189%3B-1683136197189&rdm=0.382817320933756&p=%2Findexdavc.php&r=&dg=78550e439b1a87e578b51200a1bb5622&ce=1&lc=&cr=&ui=
Frame ID: 178E33E59AC7B9FC65E27DDA193EA586
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FDC2D820901D7E01EE6594FB49A64CF3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B1AC65280F8813DEBCB1EAAE9DDF74FA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A11096193BF6A85C10FA936EF89457FE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0B17B2520231BCB0896F6DDC5E9FB24A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8951B41D2A72BDB331DC9502108C9779
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=618158328194206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df301e77e668dbd4%26domain%3Dk8ccwwesx.store%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk8ccwwesx.store%252Ff3f102ac7ad82f4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fgamek.vn%2Fgame-online-viet-nam.htm&layout=button_count&locale=vi_VN&sdk=joey&show_faces=true&width=450
Frame ID: B7CB77CE602CDA025F59D330437599DB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351507&pi=t.ma~as.6721968282&w=728&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203918&bpp=10&bdt=213&idt=176&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=305097339994&frm=23&ife=1&pv=2&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=2019224567&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=213394084&scr_x=0&scr_y=0&eid=44773809%2C44759876%2C44759927%2C44759837%2C31074265%2C44788442%2C44789761%2C44789924%2C31071260&oid=2&pvsid=3806225720832992&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7egnt0t3xgz6&fsb=1&dtd=195
Frame ID: 1F77EEF2493F84D073BF26D633D70AC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=6721968282&adk=1592157575&adf=2098014275&pi=t.ma~as.6721968282&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203855&bpp=10&bdt=347&idt=275&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=141230988&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=4812&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44759926%2C44773809%2C44759837%2C44759875%2C31074291%2C44788441%2C44789761%2C44789925&oid=2&pvsid=3214247643899122&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp9qjao4sp7k&btvi=1&fsb=1&dtd=291
Frame ID: 5DF68698CCE75FA1DD52B33011FC09DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014273&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203978&bpp=10&bdt=241&idt=192&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=584764907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=265&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C31074266%2C44788441%2C44789761%2C44789779&oid=2&pvsid=2091338123323422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5w994cbwk55w&fsb=1&dtd=208
Frame ID: 592A48306E6E49A0960700701D77AD30
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=8198676162&adk=3372607032&adf=2098014303&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203966&bpp=11&bdt=171&idt=237&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=724927852&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=5422&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C42531705%2C44788441%2C44789761%2C44789925&oid=2&pvsid=960905417375282&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ukx236s1szsk&btvi=1&fsb=1&dtd=251
Frame ID: E9C306E5793A0DF79809275103AF6A77
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014272&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203994&bpp=10&bdt=251&idt=236&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=393648676&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44773809%2C44759837%2C44759875%2C44759926%2C44788441%2C44789761%2C44789925&oid=2&pvsid=4331248582009054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.erxleja41ask&fsb=1&dtd=257
Frame ID: 08C44212967B662D2F094A2197B02BAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNUlZEqo7ClygDOPh81yWlBHNbDjNFYE6chOvKgxi07wtjAAhYUdJcH5gKFJcmPnOpZ3PK9pehI6agh8qbdWXlz8GTNzTB6sMe7EdGCrOxIJbK50bS0uuaNMFO0WJRbqGkuFhK_JhwdOUh6wR3_En3X6OtKPwRy6YIW-briGatvxyWlio4g
Frame ID: 5A89FEB2E37533CDFA868C36A14208A8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0CC476BCC734E87F0F24C0745C688686
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02F507464B7F32B5B028FF8EE0F1C4D8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js
Frame ID: 5B80E14C92D933FFBBEF56FDF7EBF518
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6CECE62AD7CF8981B48E167475235436
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38E2878B0E847B777359FA3217223B91
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
Frame ID: CAD6B67A6EF83C6B733C302785A0867A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js
Frame ID: B5DCB75F160C36F64C4E81DBBF753F5E
Requests: 1 HTTP requests in this frame

Frame: https://fgp.philacct.com/genuuidpc
Frame ID: 5B354398C6270750563B538875582394
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GAME ONLINE VIỆT NAM

Page URL History Show full URLs

http://k8ccwwesx.store/ HTTP 301
https://k8ccwwesx.store/ HTTP 301
https://k8ccwwesx.store/indexdavc.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

233
Requests

93 %
HTTPS

55 %
IPv6

36
Domains

50
Subdomains

32
IPs

9
Countries

4719 kB
Transfer

9582 kB
Size

52
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gamek.vn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCBEwTpFOP44fyi_7PbFYgXg

Search URL Search Domain Scan URL

URL: https://gamek.vn/
Title: GameK.vn

Search URL Search Domain Scan URL

URL: https://gamek.vn/game-online-viet-nam.htm
Title: game online Việt Nam

Search URL Search Domain Scan URL

URL: http://www.vccorp.vn/

Search URL Search Domain Scan URL

URL: https://www.messenger.com/t/152595292913
Title: Chat với tư vấn viên

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://k8ccwwesx.store/ HTTP 301
https://k8ccwwesx.store/ HTTP 301
https://k8ccwwesx.store/indexdavc.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1

Request Chain 178

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFKezGZV2BlYFJLo-UAf7QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAWlKJSpE2ooDvO94zR4fm0&google_cver=1

Request Chain 180

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D

Request Chain 181

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK1HkLDYshFgbop-P-akap8&google_cver=1&google_push=ATf1kGOcNo7nYXrxBD4kWlLrgwdb735aZo1i_e5UZe0y0I1npfUCoiv-J7BHqh4OKCTr-SDxxDQ4Qm3gDa60p7UOL29XdKBYE9E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOcNo7nYXrxBD4kWlLrgwdb735aZo1i_e5UZe0y0I1npfUCoiv-J7BHqh4OKCTr-SDxxDQ4Qm3gDa60p7UOL29XdKBYE9E

Request Chain 183

https://um.simpli.fi/gp_match?google_gid=CAESEPkV36ZO8hZKLD9QpQsDSZw&google_cver=1&google_push=ATf1kGMhzLEBny9xS2Fj3dk04Mh34pOSmBGDVVNt1sWrC52JCqFPCIVzV1xauN78oLpnQSpFdEHVcL_lxisiIFbxtW4UqHhOZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D6F041C3663422B887DA9164EE94A59&google_push=ATf1kGMhzLEBny9xS2Fj3dk04Mh34pOSmBGDVVNt1sWrC52JCqFPCIVzV1xauN78oLpnQSpFdEHVcL_lxisiIFbxtW4UqHhOZA

Request Chain 184

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHs5kiO0RBtG6P3rUw_fw2g&google_cver=1&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gvJveM4cY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHs5kiO0RBtG6P3rUw_fw2g&google_cver=1&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gvJveM4cY HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=722dc26b-525f-44d3-b660-e6cb27949596&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gvJveM4cY&google_hm=yyIAvG0qTAONnSpIit4xjA==

Request Chain 186

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHdNSyQUEwlSKnvLfpv_Vvs&google_cver=1&google_push=ATf1kGOuhU3M9sXWxWUis51XWc85LnneQhfBG9ypfviE2ZJJVqFxfImRi9WGe9hEcmdTngjVYHr1QfK2a15wkrI6099ceNFJvDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3RlAtMTYtUlJH&google_push=ATf1kGOuhU3M9sXWxWUis51XWc85LnneQhfBG9ypfviE2ZJJVqFxfImRi9WGe9hEcmdTngjVYHr1QfK2a15wkrI6099ceNFJvDQ

Request Chain 187

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIoryW8k9my_fUcvla51oDw&google_cver=1&google_push=ATf1kGOnWEQLn707PDqMYjQLCWSlJm6XsAuTKfO59CrHpW5mIP-ecGvdP4qvzLTrywR7vTD97Gl2an1-0RPp5xjdRkvRTsjQ1oU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOnWEQLn707PDqMYjQLCWSlJm6XsAuTKfO59CrHpW5mIP-ecGvdP4qvzLTrywR7vTD97Gl2an1-0RPp5xjdRkvRTsjQ1oU

Request Chain 189

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 201

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK3Smw13EY6uxt2BLNUopXw&google_cver=1&google_push=ATf1kGPRGIEP3dqQMvmCPeJmqOibz5OwTeXrfzR9dgvn6pGoOEnTi4JBDEGEM8YMDkgTqMzfvj-zXY6tPKGdAGM2Mbicr8CMrLUe56TxbiyQfCdFqqikbGXHnQ-9RzYP0wplZ6agkh461F6q0rF1NQg-MBrD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPRGIEP3dqQMvmCPeJmqOibz5OwTeXrfzR9dgvn6pGoOEnTi4JBDEGEM8YMDkgTqMzfvj-zXY6tPKGdAGM2Mbicr8CMrLUe56TxbiyQfCdFqqikbGXHnQ-9RzYP0wplZ6agkh461F6q0rF1NQg-MBrD&google_hm=eS1qUmdvbS5kRTJwSGlQX2lOUE5vS0l4OUguUzJnWUdnSX5B

Request Chain 202

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECFhPrfor5AXkbCJLtkJPSs&google_cver=1&google_push=ATf1kGPZmBhPmbg-lao0Ro0ihpu50nIT4Ybzrf3G7BdypfSiGONFyIjtcvH7Nl0UpXpqpL5fZ7C2-HB6GhtL71mPL6lKgki1DS8YGeH7GkrDplMQnBWxjI61O7vQwd22xlyZ8PsjLlnaHwVj3JjHO8AvDkQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECFhPrfor5AXkbCJLtkJPSs&google_cver=1&google_push=ATf1kGPZmBhPmbg-lao0Ro0ihpu50nIT4Ybzrf3G7BdypfSiGONFyIjtcvH7Nl0UpXpqpL5fZ7C2-HB6GhtL71mPL6lKgki1DS8YGeH7GkrDplMQnBWxjI61O7vQwd22xlyZ8PsjLlnaHwVj3JjHO8AvDkQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pg0rAWHFQGGgiCHeQ75vcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPZmBhPmbg-lao0Ro0ihpu50nIT4Ybzrf3G7BdypfSiGONFyIjtcvH7Nl0UpXpqpL5fZ7C2-HB6GhtL71mPL6lKgki1DS8YGeH7GkrDplMQnBWxjI61O7vQwd22xlyZ8PsjLlnaHwVj3JjHO8AvDkQ

Request Chain 203

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFCYqM4WTT7jEER3_rnMoBo&google_cver=1&google_push=ATf1kGMiz7_sf8jz3EUIw_SJFrsYCfomlwV_6NSiHtpSMR49t1dGsUWz7GxLHgKqyat7A-gNlRmZD8d7nggN4HBKc8Y1zNbQ-H_4jj2sEPaEFmxc6bCcIUCjb_-mxlZRp1xHmC_IiRcEKB9xNridr3OGLr05 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3SlYtMTMtOE5aNQ==&google_push=ATf1kGMiz7_sf8jz3EUIw_SJFrsYCfomlwV_6NSiHtpSMR49t1dGsUWz7GxLHgKqyat7A-gNlRmZD8d7nggN4HBKc8Y1zNbQ-H_4jj2sEPaEFmxc6bCcIUCjb_-mxlZRp1xHmC_IiRcEKB9xNridr3OGLr05

Request Chain 204

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM7zJ2T8_8qdb4FIO5Hifos&google_cver=1&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B4y84-Ch6TSGRK6jBSG3LvfbmvCpLCGhz2GofpS0YeDfiO2Z9vJg_FoLPINXR4ErR_5H HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM7zJ2T8_8qdb4FIO5Hifos&google_cver=1&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B4y84-Ch6TSGRK6jBSG3LvfbmvCpLCGhz2GofpS0YeDfiO2Z9vJg_FoLPINXR4ErR_5H&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B4y84-Ch6TSGRK6jBSG3LvfbmvCpLCGhz2GofpS0YeDfiO2Z9vJg_FoLPINXR4ErR_5H&google_hm=GlbuvGZH_gPswSUwS06cW7DF

Request Chain 205

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENo2CLIodESrAMldx_tTrF8&google_cver=1&google_push=ATf1kGOF3gQ97Ip5TBe-zLOwwWdTAEHgxf128HFUjwHFZqLQjImNCLy-rbmLdkIBp_YSAh0GxyZqwF7sCb5pJceBDrCOjUzsWPEmnqREXvZZzqVV_eBu9J4AwqjWh4HI_L5Us1ACabD9gmqgfTstfUX2Fh-XRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOF3gQ97Ip5TBe-zLOwwWdTAEHgxf128HFUjwHFZqLQjImNCLy-rbmLdkIBp_YSAh0GxyZqwF7sCb5pJceBDrCOjUzsWPEmnqREXvZZzqVV_eBu9J4AwqjWh4HI_L5Us1ACabD9gmqgfTstfUX2Fh-XRw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 206

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJEXOnldDB0sjTmWFIXr3ms&google_cver=1&google_push=ATf1kGM2HvijTHbjiWp880ekLPEFMMcnP2u3IoQ9rFtiAqCo7xl1nIkkoOfM6ehtCxJl4us4Kp4FjY-emQ7vLYHJr6SDLCQA2JOjwR-p0TG6RqnrPttBH78xdH8EPhviku7hd6wcfitYrsneNxYgqx91AYYpxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D&google_gid=CAESEJEXOnldDB0sjTmWFIXr3ms&google_cver=1&google_push=ATf1kGM2HvijTHbjiWp880ekLPEFMMcnP2u3IoQ9rFtiAqCo7xl1nIkkoOfM6ehtCxJl4us4Kp4FjY-emQ7vLYHJr6SDLCQA2JOjwR-p0TG6RqnrPttBH78xdH8EPhviku7hd6wcfitYrsneNxYgqx91AYYpxw

Request Chain 207

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKWlkyLH-xLt1glKEy_y6Ck&google_cver=1&google_push=ATf1kGPE-CYk4R6vMGO_EbL6elnntCnizsCB45APPJRqQECKliy8zxfDhH8aoZxLhepjLroV9SrpBxbGtXtkAdWycy5cP47nITcBg5KxWtf6dJVZ0ILCaMl4dChz1txUYQ0-POeTa8N_wjsh61iThYvguQrQXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cb2200bc-6d2a-4c03-8d9d-2a488ade318c&%%GOOGLE_PUSH_PAIR%%

233 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request indexdavc.php Show response
k8ccwwesx.store/
Redirect Chain

http://k8ccwwesx.store/
https://k8ccwwesx.store/
https://k8ccwwesx.store/indexdavc.php

68 KB
19 KB

1898ms
1898ms

Document
text/html

2606:4700:3034::6815:4df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835384d482f89227a54a2c6cbea18c2835aa4f2a724eaa094955a40bc9f15641

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c1a57f30aa62c19-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 17:49:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8N6LGqjEk3zv7kWhX7AyKgNeAwun%2BGgfWN4%2B2%2Bq6%2FKCzadbfYTe68%2FKiaS07GyMc7EE40k5%2Fj%2FX1ExLNwH958KyvVd8gzkumeVqEMiD09fX9vf9k8DpXdM4xdVrA4a2Z8W3nHLaiUTVD%2BbiPgY8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c1a57f12fb22c19-FRA
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 17:49:57 GMT
location: https://k8ccwwesx.store/indexdavc.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1EqO%2B77bvrObZjW2HyRXd5%2FQEuMab2DqpyStXixLFdrKXANhsInQr7HplzAwOTHO2l2GJPPcWbttp7SHF7MRiFAvIcDkP%2FXGVCMg87MxlWyKy9MC5zD%2BEzi64IDt2Nzq26%2BZ%2BwY18LMMkC5SwY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 main-30012023v1.min.css
gamek.mediacdn.vn/web_css/ 156 KB
40 KB 1816ms
485ms Stylesheet
text/css 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.3f1bef9f04f099ad2833b4e6bcc6f13b /

Resource Hash

b9d5f3f6f18ec7d8d11e99e4d5296910252a92317fcc7526d6838dbee524792d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 04:56:56 GMT
server: VCCloud CDN / 247.3f1bef9f04f099ad2833b4e6bcc6f13b
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
xcache-created-at: Thursday, 23-Mar-2023 11:57:18 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 adm_tracking.js Show response
media1.admicro.vn/core/ 26 KB
8 KB 1281ms
241ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/adm_tracking.js?v=1
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17068 /
Resource Hash: 6e34e8696d51c15b5f0e261c0633ac2fb615ed51ac4795844e72b2a58fa12dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:00 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 09:41:58 GMT
server: ss1/17068
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:00 GMT

GET
H2 200 cdn.js Show response
static.amcdn.vn/tka/ 26 KB
7 KB 1525ms
223ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/tka/cdn.js
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: 6a2959b48940ae172de360c0635dac0f6f8e57201b148c4828c5e84385a9a04f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 03:18:21 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 home2424.png
gamek.mediacdn.vn/web_images/ 208 B
341 B 248ms
235ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/home2424.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.3e1e9a24472c53724ae03edae82911c0 /

Resource Hash

51492c14a0556272b9fe301830cfcdddb14c1c498557f2d24b2e31e826be7512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 11:05:34 GMT
server: VCCloud CDN / 247.3e1e9a24472c53724ae03edae82911c0
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 208
x-xss-protection: 1; mode=block

GET
H2 200 social_fb_s.png
gamek.mediacdn.vn/web_images/ 1 KB
1 KB 261ms
246ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/social_fb_s.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.74cacad8cfa05d9156e19ae304772027 /

Resource Hash

e3bc8d2946d9ac7e39fd45039d18f29cb88b5feb2608a81816d082894d63090c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2023 07:42:41 GMT
server: VCCloud CDN / 247.74cacad8cfa05d9156e19ae304772027
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 24-Feb-2023 03:44:50 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 1296
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-1587375331787768650294.jpg
gamek.mediacdn.vn/zoom/220_160/133514250583805952/2020/4/20/ 15 KB
15 KB 262ms
247ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/133514250583805952/2020/4/20/photo-1-1587375331787768650294.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.6b230209478f66d1f3e1986515be0de6 /

Resource Hash

f11d127031b80973c04739bd58d1b1324144c222e14689b0a097caef7f584d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 09:56:20 GMT
server: VCCloud CDN / 247.6b230209478f66d1f3e1986515be0de6
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 15616
x-xss-protection: 1; mode=block

GET
H2 200 8070064629790700521449411368167183670050816n-1577782529096836135346-crop-15777826151761268516072.jpg
gamek.mediacdn.vn/zoom/220_160/2019/12/31/ 16 KB
16 KB 584ms
569ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2019/12/31/8070064629790700521449411368167183670050816n-1577782529096836135346-crop-15777826151761268516072.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.9910d4cf8d745b61bf1ed63562bece20 /

Resource Hash

77314b8e2383ace311d6db887e7318c8cbb3c905c93eac63f16f2bf0e14882dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Feb 2023 05:56:05 GMT
server: VCCloud CDN / 247.9910d4cf8d745b61bf1ed63562bece20
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 16570
x-xss-protection: 1; mode=block

GET
H2 200 7421730338875308079391497648784052014546944n-157605484304454070430.jpg
gamek.mediacdn.vn/zoom/220_160/2019/12/11/ 15 KB
16 KB 487ms
472ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2019/12/11/7421730338875308079391497648784052014546944n-157605484304454070430.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.96f7fa145b10512b5b381e7b72f5dbb5 /

Resource Hash

c5ff2238b1b43b730e2150b349e38068dd51d8b4f5d31a64116ba81af53af0e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 10:08:12 GMT
server: VCCloud CDN / 247.96f7fa145b10512b5b381e7b72f5dbb5
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 15780
x-xss-protection: 1; mode=block

GET
H2 200 screenshot10-15758796530581675522974.jpg
gamek.mediacdn.vn/zoom/220_160/2019/12/9/ 17 KB
17 KB 549ms
534ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2019/12/9/screenshot10-15758796530581675522974.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.6426725e2486c254796ff54dd4bcc9e7 /

Resource Hash

4cebd28d5cd2175f2fe62d440e48f143eed9662cc73a97a030e14d71752714b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Feb 2023 05:56:05 GMT
server: VCCloud CDN / 247.6426725e2486c254796ff54dd4bcc9e7
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 17016
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-1554281576845256173383.jpg
gamek.mediacdn.vn/zoom/220_160/2019/4/3/ 13 KB
13 KB 293ms
279ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2019/4/3/photo-1-1554281576845256173383.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.868887c7801c5e8dac60e8eafa7dd1a3 /

Resource Hash

d87cee1615afcf6042d954ecee3c0cab8b8a86e9a41d6a241d1a567a9827e164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Feb 2023 04:24:46 GMT
server: VCCloud CDN / 247.868887c7801c5e8dac60e8eafa7dd1a3
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 12902
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-1543284764924432222003.jpg
gamek.mediacdn.vn/zoom/220_160/2018/11/27/ 14 KB
14 KB 262ms
248ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/11/27/photo-1-1543284764924432222003.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ad5759eb2408c212421b5a00fa6c6c55 /

Resource Hash

7dc3b671e27501f8496f119a4552243e4a29ce815e7349eb64c58cbd8a8905ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 02:17:52 GMT
server: VCCloud CDN / 247.ad5759eb2408c212421b5a00fa6c6c55
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 08:13:48 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14520
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-15395983457251827156532.jpg
gamek.mediacdn.vn/zoom/220_160/2018/10/15/ 14 KB
14 KB 518ms
504ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/10/15/photo-1-15395983457251827156532.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.807b9b4917f6ecfd6984e09100454aad /

Resource Hash

f38e31ecde6f7ee87f73444f49e9a4a5262e4604b94a321750010e5f0b1bb9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 21:10:11 GMT
server: VCCloud CDN / 247.807b9b4917f6ecfd6984e09100454aad
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14352
x-xss-protection: 1; mode=block

GET
H2 200 fifa-online-4-splash-art1kiz47xngwgl71sy1rffuqmosr-15385358602831214227971.jpg
gamek.mediacdn.vn/zoom/220_160/2018/10/3/ 9 KB
9 KB 593ms
579ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/10/3/fifa-online-4-splash-art1kiz47xngwgl71sy1rffuqmosr-15385358602831214227971.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.d8dcefc4d5a11bd2ffed2182a4adb718 /

Resource Hash

84c07924a07fec756e2098f444738954e34123f1404b60414402d0f6e74c030b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 08:17:09 GMT
server: VCCloud CDN / 247.d8dcefc4d5a11bd2ffed2182a4adb718
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Tuesday, 02-May-2023 13:16:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 8994
x-xss-protection: 1; mode=block

GET
H2 200 photo-6-15283934524441942735340-15364255382291633689678.jpg
gamek.mediacdn.vn/zoom/220_160/2018/9/8/ 13 KB
13 KB 594ms
580ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/9/8/photo-6-15283934524441942735340-15364255382291633689678.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.b7c692b663f01752d770a4350a42a5c0 /

Resource Hash

d0eccd86bbd329e3138a4a81ee2f6737644b052e9e8090f3c5321ba8a635e5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 21:20:11 GMT
server: VCCloud CDN / 247.b7c692b663f01752d770a4350a42a5c0
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 13118
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-15356856299371712991240.jpg
gamek.mediacdn.vn/zoom/220_160/2018/8/31/ 10 KB
10 KB 594ms
580ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/8/31/photo-1-15356856299371712991240.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.7f115929816051f99e2dd996297e1a1c /

Resource Hash

2202b803df7cd5c60ec348ad46d1abd54206e7e0af84ee13a5e68a2de7e7f18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 00:57:14 GMT
server: VCCloud CDN / 247.7f115929816051f99e2dd996297e1a1c
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 10078
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-15326860052561582644524.jpg
gamek.mediacdn.vn/zoom/220_160/2018/7/27/ 13 KB
14 KB 594ms
581ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/7/27/photo-1-15326860052561582644524.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ff96380315fc719ef11013f0aae44077 /

Resource Hash

94f86e4a909c28a57b9995bccf8689f1597affecd652f0a8fed7e49890d84bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 09:56:21 GMT
server: VCCloud CDN / 247.ff96380315fc719ef11013f0aae44077
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 13730
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-1532246956682307945905.jpg
gamek.mediacdn.vn/zoom/220_160/2018/7/22/ 13 KB
13 KB 595ms
581ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/7/22/photo-1-1532246956682307945905.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.9094e8e3967435efef35087d375b6eda /

Resource Hash

1b1a858fb5e6db806cf5cf78b66c32be6eefe34cbba2ffe3bcdf856ab6d3eaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Jan 2022 12:59:41 GMT
server: VCCloud CDN / 247.9094e8e3967435efef35087d375b6eda
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 13106
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-1531243468183218857559.jpg
gamek.mediacdn.vn/zoom/220_160/2018/7/11/ 12 KB
12 KB 595ms
581ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/7/11/photo-1-1531243468183218857559.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.8a709e30a0faf527551efb45fe8b0785 /

Resource Hash

2ec30c42bfeed0600dee842997ab59e84e0fbe03bd13921e573dde3cb18a7546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 26 Jun 2022 14:19:27 GMT
server: VCCloud CDN / 247.8a709e30a0faf527551efb45fe8b0785
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 12148
x-xss-protection: 1; mode=block

GET
H2 200 photo-0-153027246772096086075.gif
gamek.mediacdn.vn/zoom/220_160/2018/6/29/ 163 KB
164 KB 595ms
582ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/29/photo-0-153027246772096086075.gif

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.635d0964ffdaf53884b4e1cdbd4efd4b /

Resource Hash

c691b65e0019946387eaa3d7069e8818754bf1160349f7b997e6b71534f49d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 14:44:17 GMT
server: VCCloud CDN / 247.635d0964ffdaf53884b4e1cdbd4efd4b
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 04:20:11 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 167420
x-xss-protection: 1; mode=block

GET
H2 200 photo-4-15301236791211821093845.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/28/ 10 KB
10 KB 595ms
582ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/28/photo-4-15301236791211821093845.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ce2d2381e37533ece3ef556551d52a07 /

Resource Hash

8cf51a28990267e6a6c75b633015f68016344a8104f0f525ba677ec9cf269dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Nov 2022 08:45:23 GMT
server: VCCloud CDN / 247.ce2d2381e37533ece3ef556551d52a07
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Tuesday, 02-May-2023 13:16:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 9870
x-xss-protection: 1; mode=block

GET
H2 200 vo-lam-truyen-ky-vinagame-vng-1529751683414235752942.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/23/ 14 KB
14 KB 595ms
582ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/23/vo-lam-truyen-ky-vinagame-vng-1529751683414235752942.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.1343b61389014c88e9e09b73ace18b6d /

Resource Hash

929db1de11fdd6ac33f066937926f55fb9d23aaf611daf00781612601d7c9ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 25 Feb 2023 11:52:17 GMT
server: VCCloud CDN / 247.1343b61389014c88e9e09b73ace18b6d
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14390
x-xss-protection: 1; mode=block

GET
H2 200 photo-7-1529171292401201255594.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/17/ 14 KB
14 KB 596ms
583ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/17/photo-7-1529171292401201255594.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.5cb5cef577bec5352570a0b16d861670 /

Resource Hash

558d480f52903f44c0656288c548423ae5ad63518779d9d4ba16d103690679ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 10:32:15 GMT
server: VCCloud CDN / 247.5cb5cef577bec5352570a0b16d861670
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14100
x-xss-protection: 1; mode=block

GET
H2 200 photo-3-152911905468810307729.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/16/ 5 KB
5 KB 596ms
583ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/16/photo-3-152911905468810307729.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.46f53d95e748540da213ee26538e7254 /

Resource Hash

23bee9e982dbb98d07b9a900a405fc6d207839360315a6e45ea8093d1199535c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 Oct 2022 15:31:07 GMT
server: VCCloud CDN / 247.46f53d95e748540da213ee26538e7254
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 4726
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-15290557088221695415756.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/15/ 9 KB
9 KB 596ms
583ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/15/photo-1-15290557088221695415756.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.04315af11f065de1a0c7bfa5442c8a77 /

Resource Hash

ba8a3a57bf2bc545a10f3cc5003d041f975b2d2217d14462e39ef6c7d10aba2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 10:08:13 GMT
server: VCCloud CDN / 247.04315af11f065de1a0c7bfa5442c8a77
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 8950
x-xss-protection: 1; mode=block

GET
H2 200 10-15289642661581925732515.png
gamek.mediacdn.vn/zoom/220_160/2018/6/14/ 54 KB
54 KB 596ms
584ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/14/10-15289642661581925732515.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ea644ab7d06fac6a7500b4af736c604b /

Resource Hash

c82b1b5855b42a5531c51f09010b584e330fddd17569b552cb78300843f98466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Mar 2023 08:32:17 GMT
server: VCCloud CDN / 247.ea644ab7d06fac6a7500b4af736c604b
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 55186
x-xss-protection: 1; mode=block

GET
H2 200 photo-1-15283164577901759450200.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/7/ 11 KB
12 KB 596ms
584ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/7/photo-1-15283164577901759450200.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.3c491db69bb1d59af7a44583b56e14a5 /

Resource Hash

d338459da55c6a88acde4cc52be9bed9e26bc8aadc9ff8cdc2e430f9f17dd14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 May 2022 15:08:45 GMT
server: VCCloud CDN / 247.3c491db69bb1d59af7a44583b56e14a5
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 11760
x-xss-protection: 1; mode=block

GET
H2 200 1-15282955726991582982282.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/6/ 18 KB
18 KB 597ms
584ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/6/1-15282955726991582982282.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.2a30e21206e4d4b7a5dac884acebac25 /

Resource Hash

c193e8e1f65a1507398d6abfb5304330c60ab9934e7e8b886b26288bdcaac240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 07:51:09 GMT
server: VCCloud CDN / 247.2a30e21206e4d4b7a5dac884acebac25
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 18232
x-xss-protection: 1; mode=block

GET
H2 200 photo-3-15282197049091780557972.jpg
gamek.mediacdn.vn/zoom/220_160/2018/6/6/ 12 KB
12 KB 597ms
585ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/6/6/photo-3-15282197049091780557972.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.2e58fc2e968173afd11f810c7a47c8b4 /

Resource Hash

ece02d06227c1bfc5e4439ea3fa37bab51694a1a00056f315dc06769a666ac9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Nov 2022 08:45:24 GMT
server: VCCloud CDN / 247.2e58fc2e968173afd11f810c7a47c8b4
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 12402
x-xss-protection: 1; mode=block

GET
H2 200 bns-ue4-preview-1-15259723818481167834347.png
gamek.mediacdn.vn/zoom/220_160/2018/5/11/ 46 KB
46 KB 597ms
585ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/5/11/bns-ue4-preview-1-15259723818481167834347.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.4d39242959f6ee5224264b3c9f0ecdd7 /

Resource Hash

3de14af47e0c097866ade6f7c491a1ea4324b97f629dfc0afc9f22de35a9fc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Feb 2023 15:17:06 GMT
server: VCCloud CDN / 247.4d39242959f6ee5224264b3c9f0ecdd7
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 46796
x-xss-protection: 1; mode=block

GET
H2 200 1-15223097134641623603600.png
gamek.mediacdn.vn/zoom/220_160/2018/3/29/ 52 KB
53 KB 597ms
585ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/3/29/1-15223097134641623603600.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.8dc13ed98ab946c52da6df6afdd67eb8 /

Resource Hash

2f97afc77928330809390a97f7536e2f9a31b03ad0f6cf77ff95fcbe61ee4986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 13:12:36 GMT
server: VCCloud CDN / 247.8dc13ed98ab946c52da6df6afdd67eb8
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 53718
x-xss-protection: 1; mode=block

GET
H2 200 photo-0-1522254862477698848130.jpg
gamek.mediacdn.vn/zoom/220_160/2018/3/28/ 12 KB
12 KB 597ms
585ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2018/3/28/photo-0-1522254862477698848130.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.6c86af638346882734ae4c50926bfeb4 /

Resource Hash

d4e538d27534fa3cf2a18a1b057420bd62e86d1b31078fd4c523dbef9e4eeb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Jan 2022 12:59:41 GMT
server: VCCloud CDN / 247.6c86af638346882734ae4c50926bfeb4
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 12094
x-xss-protection: 1; mode=block

GET
H2 200 photo-0-1514372943918.jpg
gamek.mediacdn.vn/zoom/220_160/2017/ 11 KB
11 KB 598ms
586ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2017/photo-0-1514372943918.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ffa02f6b72ff91d05c9ff9d9d4238bbd /

Resource Hash

69330f1082873ed22a1191812e88256e1db8eacb18c0bca7e84416b5d47a0bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 09:56:21 GMT
server: VCCloud CDN / 247.ffa02f6b72ff91d05c9ff9d9d4238bbd
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 10852
x-xss-protection: 1; mode=block

GET
H2 200 photo-0-1514296136181.jpg
gamek.mediacdn.vn/zoom/220_160/2017/ 12 KB
12 KB 598ms
586ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2017/photo-0-1514296136181.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.3fdcbd92915b7cd867a7b7ad4cea1c2c /

Resource Hash

d370b9485701d3c481274102dbe868b667cee1ab4c61aee8abc07d3860ef9a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Dec 2021 13:56:57 GMT
server: VCCloud CDN / 247.3fdcbd92915b7cd867a7b7ad4cea1c2c
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 12494
x-xss-protection: 1; mode=block

GET
H2 200 2game-ddtank-garena-anh-5png-1512121420411.jpg
gamek.mediacdn.vn/zoom/220_160/2017/ 14 KB
14 KB 598ms
586ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/220_160/2017/2game-ddtank-garena-anh-5png-1512121420411.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.576c4c1159e59ff0bc788f541301d1d5 /

Resource Hash

889d851a77181025a20b66ed1d301fc4efbaeacdaae8b8fc520a06c54696a0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 13:12:36 GMT
server: VCCloud CDN / 247.576c4c1159e59ff0bc788f541301d1d5
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 13:31:34 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14164
x-xss-protection: 1; mode=block

GET
H2 200 photo-3-1508047414723.jpg
gamek.mediacdn.vn/zoom/345_230/2017/ 50 KB
50 KB 598ms
587ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/345_230/2017/photo-3-1508047414723.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.c985528fc7de6c24c51dc102e888e246 /

Resource Hash

e9384d83692549a6d3d0799b3fb5f65d4fd49a0400ff27036e1ff0c072b81db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 14:56:10 GMT
server: VCCloud CDN / 247.c985528fc7de6c24c51dc102e888e246
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Monday, 01-May-2023 09:29:02 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 51486
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683107007220-16831070079801375042742.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 76 KB
76 KB 598ms
587ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683107007220-16831070079801375042742.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.736d00e4aa3f8bc1a5f61ab4e140b87e /

Resource Hash

eed66b5d034df77901c6c3b413a5aa31d7be3a160f121159438e492aa67bd8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.736d00e4aa3f8bc1a5f61ab4e140b87e
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 16:48:03 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683102358974-16831023592151520432450-0-144-629-1150-crop-16831032779472102378699.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 87 KB
87 KB 599ms
587ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683102358974-16831023592151520432450-0-144-629-1150-crop-16831032779472102378699.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.5042a9a585617b9932a55a1de38b382d /

Resource Hash

839a374643947431ca0114748399e7f3b1c645277e823f03a50bcd6e1c0c0baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.5042a9a585617b9932a55a1de38b382d
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 16:00:24 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
41 KB 462ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZ4QL46

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ae65e1c6e07f08231c675c6b65cd138e6a5e1e09daad2c65d0180902ea1318f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41207
x-xss-protection: 0
last-modified: Wed, 03 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 17:50:01 GMT

GET
H2 200 ATMJGB0YKY21R.js Show response
deqik.com/tag/corejs/ 42 KB
13 KB 1746ms
453ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/v1 /
Resource Hash: a263eac2ad4afa7f7c974e9676e0fb60bc735b450b57ce30f08bd37a575d5e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 06:58:29 GMT
server: aws/v1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 13154
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 avatar1683102325650-1683102326216648725347.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 83 KB
83 KB 599ms
587ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683102325650-1683102326216648725347.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.d979c1394d7fb384423e899d2e84e11a /

Resource Hash

4a97d0436cb1463ada3aa57030a208f83ed40348eef3b96554663c1e3bcf806a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.d979c1394d7fb384423e899d2e84e11a
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 15:31:17 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683100456704-16831004572561347801309.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 27 KB
28 KB 599ms
588ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683100456704-16831004572561347801309.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.004e46420a060bbb9c87cde567837116 /

Resource Hash

9b034492bdf4019ff901d0666c46b9d484347af400eea27d4268f50fd0c4d31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.004e46420a060bbb9c87cde567837116
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:56:58 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683096742749-1683096743078900879923.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 18 KB
18 KB 599ms
588ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683096742749-1683096743078900879923.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.3bd811f715b82c84885094af39745dcb /

Resource Hash

eadd5798005b45f223f3b16fde87bbe0cdd43e7e42997825c148ae940d62f9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.3bd811f715b82c84885094af39745dcb
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:52:25 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683099338933-168309933954427551701.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 42 KB
42 KB 599ms
588ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683099338933-168309933954427551701.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.97619832dbb7f874fd9aad1801ba2cdf /

Resource Hash

ad4b54958e22dfa1d3c6b94b99d8390230d9074327687c297e4831315a0b6818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.97619832dbb7f874fd9aad1801ba2cdf
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:38:21 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683099315991-1683099316220353918639.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 93 KB
93 KB 599ms
588ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683099315991-1683099316220353918639.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.aec8b1b52690530bd0004a37f98427dc /

Resource Hash

dc96c259aa15c0ecfbc0b14e954c210e5434dd9d1db192c4d222d1e22f2c0f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.aec8b1b52690530bd0004a37f98427dc
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:37:07 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683088078241-1683088078462781835523.jpeg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 12 KB
12 KB 599ms
589ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683088078241-1683088078462781835523.jpeg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.eb951e2dd4f96611bf624276291ab78b /

Resource Hash

2753bc838fb99f221507e0867972e92a1ed359dda0af974d2a1c07f56dd28003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.eb951e2dd4f96611bf624276291ab78b
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:27:40 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683040746435-1683040746586467122959.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/2/ 76 KB
76 KB 600ms
589ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/2/avatar1683040746435-1683040746586467122959.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ea808f6c7b2454d3eb15d0f083601e7e /

Resource Hash

b340a906d4fc4c35e931097f28954c76a1d8f618c2dbd599054cde7fef903ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.ea808f6c7b2454d3eb15d0f083601e7e
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:18:47 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683096721324-16830967217052005535784-0-58-628-1063-crop-168309679513060460823.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 22 KB
23 KB 600ms
589ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683096721324-16830967217052005535784-0-58-628-1063-crop-168309679513060460823.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.3392534f377867c595a6394910b9003b /

Resource Hash

67551df7530ecb331c923d14ca78147919dd31d475dc7c1353aa182f2bd67409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.3392534f377867c595a6394910b9003b
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 13:54:48 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683090522224-1683090522467232802640.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 21 KB
22 KB 600ms
590ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683090522224-1683090522467232802640.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.7edd5568ad556ad66e9631fe086a972e /

Resource Hash

852201c3b57de7b594b520c94ac6da686e3520cb54d756d248fa0b9bd337ad89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.7edd5568ad556ad66e9631fe086a972e
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 14:00:36 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683087931243-16830879318061664339416.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 36 KB
37 KB 600ms
590ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683087931243-16830879318061664339416.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.e905db6f50884dc36175ec143ba5aa6d /

Resource Hash

ed5f84e46b2733178901bd0f32b1ef122b594cc42d86c0e91e3f7910394f803e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.e905db6f50884dc36175ec143ba5aa6d
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 13:54:48 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683096796364-1683096796537666753398.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 29 KB
29 KB 600ms
590ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683096796364-1683096796537666753398.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.28d1a2e6977a65fe9ba37495642b3dfb /

Resource Hash

093e65b069d8ce60d6eed1d7d50ddff713536a3ca0d4351da7d27a3ec4b0cbca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.28d1a2e6977a65fe9ba37495642b3dfb
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 13:54:48 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683090172522-16830901733591280037389-0-49-314-551-crop-1683092593338207422925.png
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 71 KB
71 KB 600ms
590ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683090172522-16830901733591280037389-0-49-314-551-crop-1683092593338207422925.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.d29d89cce6a303aaa516a5bc8f878a3f /

Resource Hash

452450fbb6564fa68de2a52c031936cc345f33c7f4ac0637a997fbb903607c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.d29d89cce6a303aaa516a5bc8f878a3f
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 13:00:12 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 avatar1683087749281-16830877497061468844142.jpg
gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/ 19 KB
19 KB 601ms
591ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/300_200/133514250583805952/2023/5/3/avatar1683087749281-16830877497061468844142.jpg

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.a6226b1f404569807d05e459b9aba6bd /

Resource Hash

1fc5dd801f5c97faa3fe08cfc441f0f461da165ebf6e75a357b33fa6da021a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.a6226b1f404569807d05e459b9aba6bd
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Wednesday, 03-May-2023 12:48:15 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: STALE from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 vccorp-s.png
vccorp.mediacdn.vn/ 8 KB
8 KB 1210ms
319ms Image
image/png 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vccorp.mediacdn.vn/vccorp-s.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.ea37bf9f5e05a590852f8179ea67a130 /

Resource Hash

fa696f5f1aa34c6b3b3bd4dd87edcd587ac891fc2c03a68fe9b82f975241ebb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.ea37bf9f5e05a590852f8179ea67a130
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/png; charset=utf-8
xcache-created-at: Wednesday, 03-May-2023 18:10:52 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 7687
x-xss-protection: 1; mode=block

GET
H3 200 email-decode.min.js Show response
k8ccwwesx.store/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3034::6815:4df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://k8ccwwesx.store/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:4df3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/indexdavc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 Apr 2023 11:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6447b986-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQI%2BDaHh%2BuRE8aBYMg4AAi7b56%2Buj3ZZ5vpbiElZcjMc0sMW2o4nVg1hRVXHGpkmIWAB6SePaqcg7LmiyC8V2OzqZraY3Z630EBWLPhjhGyX%2F%2B1r08E%2F5MNjqCSDHrXE2oH82ccLpHTFd35cDNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c1a5806fe456993-FRA
expires: Fri, 05 May 2023 17:50:00 GMT

GET
H2 200 gamek-09092022v1.min.js Show response
gamek.mediacdn.vn/web_js/ 263 KB
97 KB 601ms
591ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_js/gamek-09092022v1.min.js

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.65696d41f56d1b6d1743c00c5b84490d /

Resource Hash

c8e1eebc02599c9896e78d721eb085cf848d4de35b795b0c704928230ac43d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 11:05:52 GMT
server: VCCloud CDN / 247.65696d41f56d1b6d1743c00c5b84490d
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
xcache-created-at: Friday, 24-Mar-2023 18:06:01 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 playerInitScript.js Show response
adminplayer.sohatv.vn/resource/init-script/ 25 KB
10 KB 1394ms
242ms Script
application/javascript 123.30.151.76
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://adminplayer.sohatv.vn/resource/init-script/playerInitScript.js
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.76 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: / X3-PLAYER
Resource Hash: 2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 1.298ms
date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
x-powered-by: X3-PLAYER
etag: W/"64e6-AlsgVvW/MvfywaUw1cv7LgBWh9A"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
x-content-length: 25830
x-host-name: SVR515R-NPS-16-40-55

GET
H2 200 admcore.js Show response
media1.admicro.vn/core/ 156 KB
43 KB 243ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcore.js
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: 5796dad7ea6e51f9ebcb34f34a0494c63afe5ebb32edf14e25987404e89640c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 08:28:02 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:01 GMT

GET
H2 200 ftest
lg1.logging.admicro.vn/ 35 B
619 B 832ms
227ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ftest?url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/11R376RNTC /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/11R376RNTC
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ftest
amcdn.vn/ 35 B
458 B 1516ms
225ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/ftest?url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a1563 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a1563
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite20150608.png
gamek.mediacdn.vn/web_images/ 95 KB
96 KB 599ms
591ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/sprite20150608.png

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.79bfda50e23f098a28048b76fec223e8 /

Resource Hash

750adbcdb929dc3e8a56318ce17088877980d77119e2bb8b5cdaac33a7098aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 17:59:09 GMT
server: VCCloud CDN / 247.79bfda50e23f098a28048b76fec223e8
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Thursday, 27-Apr-2023 13:00:00 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 97710
x-xss-protection: 1; mode=block

GET
H2 200 gamek_logo_30052022.svg
gamek.mediacdn.vn/web_images/ 11 KB
4 KB 595ms
591ms Image
image/svg+xml 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/gamek_logo_30052022.svg

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.865111d4339049ccc579f78412b01b5a /

Resource Hash

8455c1c2d1cfbcc4d91725ec2d6ff649c6479110951dac890fdf6bb9da74ba5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 08:31:49 GMT
server: VCCloud CDN / 247.865111d4339049ccc579f78412b01b5a
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
xcache-created-at: Sunday, 01-Jan-2023 15:33:06 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 sprite201506x.png
gamek.mediacdn.vn/web_images/ 4 KB
4 KB 595ms
592ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/sprite201506x.png

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.9e50de4f0c277e6098ea9cb3b7cd9bef /

Resource Hash

adc8730b8a390f108424de8be9eb0585e5d581c03e7811095aae89ebb3fb38a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 11:04:04 GMT
server: VCCloud CDN / 247.9e50de4f0c277e6098ea9cb3b7cd9bef
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 4108
x-xss-protection: 1; mode=block

GET
H2 200 UTM_Bebas.woff2
gamek.mediacdn.vn/web_font/ 9 KB
10 KB 693ms
230ms Font
application/font-woff2 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_font/UTM_Bebas.woff2

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.d1113552e3601414fe19b8b298581580 /

Resource Hash

33c654bc9298696de6a89c1367f976c63c2648472ff6e7f1dc8447a7b096f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
Origin: https://k8ccwwesx.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 06 Aug 2022 11:03:16 GMT
server: VCCloud CDN / 247.d1113552e3601414fe19b8b298581580
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 9272
x-xss-protection: 1; mode=block

GET
H2 200 ads_code_1.ads Show response
media1.admicro.vn/ads_codes/ 0
242 B 667ms
667ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/ads_codes/ads_code_1.ads
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17077 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:01 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 04:47:24 GMT
server: ss1/17077
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 23
expires: Wed, 03 May 2023 18:00:01 GMT

GET
H2 200 lgnews.js Show response
static.contineljs.com/core/ 11 KB
4 KB 1480ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.contineljs.com/core/lgnews.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: 8de73b8c9c9d8b3359c9e50a046f1cc12277e3fbbe4f19c8d47434b2fdccebe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 08:41:29 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 ftest
amcdn.vn/ 35 B
458 B 1473ms
227ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/ftest?lsn=78550e439b1a87e578b51200a1bb5622&dg=78550e439b1a87e578b51200a1bb5622&ui=&url=http%3A%2F%2F1k8ccwwesx.store%2Findexdavc.php&rd=0.3629533850831934
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a2364 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a2364
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ftest
lg1.logging.admicro.vn/ 35 B
619 B 786ms
226ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ftest?lsn=78550e439b1a87e578b51200a1bb5622&dg=78550e439b1a87e578b51200a1bb5622&ui=&url=http%3A%2F%2F2k8ccwwesx.store%2Findexdavc.php&rd=0.3048481069312414
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/86R225L0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/86R225L0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _tracking1.gif
lg1.logging.admicro.vn/ 35 B
716 B 785ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=78550e439b1a87e578b51200a1bb5622&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.store&cat=%2Ftag%2Fgame-online-viet-nam%2F&g=0&i=v%3B1683136201498%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B78550e439b1a87e578b51200a1bb5622%3B78550e439b1a87e578b51200a1bb5622%3B%3B-1683136197189%3B0%3B0%3B1898%3B84%3B414%3B-1683136197189%3B-1683136197189&rdm=0.19265700753607207&p=%2Findexdavc.php&r=&dg=78550e439b1a87e578b51200a1bb5622&ce=1&lc=&cr=&ui=

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

aws/v1/88R3430A1B /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/88R3430A1B
x-frame-options: allowall
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mapid
lg.nanda.vn/ 35 B
464 B 1183ms
224ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg.nanda.vn/mapid?src=admicro&dguid=78550e439b1a87e578b51200a1bb5622&3guid=
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/n2392 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:02 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/n2392
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 admcoreext.js Show response
media1.admicro.vn/core/ 14 KB
5 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcoreext.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17069 /
Resource Hash: 8c6dc32d121be2319e6605e1f583ef12a9d76a9d0d68ab1a6dd76049e35d87a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 09:02:41 GMT
server: ss1/17069
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 arf-57.min.js Show response
media1.admicro.vn/cms/ 89 KB
9 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-57.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17069 /
Resource Hash: cf0cf3a4991aa017eea8141c9918da7f32a776fcf779f37cdd9505a3c50539d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17069
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 genjs_ht26032019.js Show response
adi.admicro.vn/adt/cpc/tvcads/tracking/ 28 B
527 B 1413ms
229ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/tracking/genjs_ht26032019.js?v=0.6751976853077426

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.c02a3728a49e5e31c8ed752fec6d296a /

Resource Hash

e8fab4708422172956dd7b3e03593b6158704e6c1a1cc8a5313e461c166afa5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: VCCloud CDN / 247.c02a3728a49e5e31c8ed752fec6d296a
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript; charset=utf-8
xcache-created-at: Thursday, 04-May-2023 00:50:02 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 adm_tracking.js Show response
media1.admicro.vn/core/ 26 KB
8 KB 234ms
234ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/adm_tracking.js?id=1
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: 6e34e8696d51c15b5f0e261c0633ac2fb615ed51ac4795844e72b2a58fa12dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 09:41:58 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 arf-24381.min.js Show response
media1.admicro.vn/cms/ 4 KB
2 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-24381.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: fd9f1c67d23ef3b8254a0085c3610d787f30b3bab9bfdffdeb6bf808321909c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:56 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 1925
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 318ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80dda122ffbd6798f6854c78267fa4d2279a0c54846f1af93bb842c7320f2bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 17:50:02 GMT
content-md5: y9021oN5/wuxoN89PBHI8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: KFOi9gFiuAbKI9GNVWL4l/gf+J363P2v+KWcXGecRW4ATkA2xsYYtflc/ax/cFoCyK2zSlWOpr5ke/vC1JQauw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 8b200430a7bdfa86f6a6138247b98f8e
cross-origin-opener-policy: same-origin-allow-popups
etag: "c7293fd49e340e518bd39d7f51ee31a3"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 03 May 2023 17:56:06 GMT

GET
H2 200 _tracking1.gif Show response
lg1.logging.admicro.vn/ Frame 178E 720 B
1 KB 228ms
228ms Document
text/html 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=78550e439b1a87e578b51200a1bb5622&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.store&cat=%2Ftag%2Fgame-online-viet-nam%2F&g=0&i=s%3B1683136201498%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B78550e439b1a87e578b51200a1bb5622%3B78550e439b1a87e578b51200a1bb5622%3B%3B-1683136197189%3B0%3B0%3B1898%3B84%3B414%3B-1683136197189%3B-1683136197189&rdm=0.382817320933756&p=%2Findexdavc.php&r=&dg=78550e439b1a87e578b51200a1bb5622&ce=1&lc=&cr=&ui=

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?v=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

aws/v1/88R3430A1B /

Resource Hash

ad07124f6ae9a6764aec90d9900afddb2cc5b48ddfd4a890d02eb67b1e8e5077

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 720
content-type: text/html; charset=utf-8
date: Wed, 03 May 2023 17:50:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
pragma: no-cache
server: aws/v1/88R3430A1B
x-frame-options: allowall

GET
H2 200 arf-59.min.js Show response
media1.admicro.vn/cms/ 89 KB
8 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-59.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: a3fbbc62acbc33a05f52d5c410dfff26fa7ae3907929329f64379421cdb20e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 arf-498.min.js Show response
media1.admicro.vn/cms/ 4 KB
2 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-498.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17069 /
Resource Hash: 90acc1dcbd45e9a5eb9217b4fa15a601d207d1345ee97717769a5d2f05f7cea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:56 GMT
server: ss1/17069
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 1868
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 Arf.min.js Show response
media1.admicro.vn/cms/ 289 KB
91 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/Arf.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/arf-24381.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: 9b69708c866676e9c188a7727e93b0c10d9e4c37945f1a8490ed6a24d692f8bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 14:28:53 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H3 200 all.js Show response
connect.facebook.net/vi_VN/ 303 KB
85 KB 20ms
12ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js?hash=02e4c234acd477406c91167f190b08c6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2815303d3b0b23269b57e4a5ff8494cbfc8ff0cc65e67180f250f1a6dfdabcac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://k8ccwwesx.store/
Origin: https://k8ccwwesx.store
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 17:50:02 GMT
content-md5: Ix8mCg1nQOBhSD3kvh63Lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87143
x-fb-rlafr: 0
x-fb-debug: 3cetW5N40esnKrWi3uZvAMpUIyLpjSMA9eEpqUMI6OluaVhEXhO9BDI2GarrD72Ah19pLoletNiVxIi0JOLDow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c340eea193a432614c66b9be2bf31061
cross-origin-opener-policy: same-origin-allow-popups
etag: "33dd20b658ad4ad0393e881594585931"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 May 2024 12:45:53 GMT

GET
H2 200 arf-60.min.js Show response
media1.admicro.vn/cms/ 4 KB
2 KB 440ms
440ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-60.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17077 /
Resource Hash: a56d383cffdd997135de848ffc9e93f1326a09d02a07a3f38f39b0e9895d1395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:02 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:56 GMT
server: ss1/17077
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 1863
expires: Wed, 03 May 2023 18:00:02 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 172ms
114ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=618158328194206&input_token&origin=1&redirect_uri=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=02e4c234acd477406c91167f190b08c6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 03 May 2023 17:50:02 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: fy+zs+VIKZKHSodO0YcUkL+Ek+jDvNItrPGT+RLwvqFEPiv026Nt1ii/gdWp9dSoUEQTvNOcxCs0jXmHB5w1bw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://k8ccwwesx.store
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 arf-962.min.js Show response
media1.admicro.vn/cms/ 83 KB
8 KB 290ms
290ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-962.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: 5e434be5c7492450a0ba45737d3da4c666830c67bb7eef36ba165c07d189dac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:03 GMT

GET
H2 200 persist.js Show response
static.amcdn.vn/core/ Frame 178E 26 KB
8 KB 223ms
223ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/core/persist.js
Requested by: Host: lg1.logging.admicro.vn
URL: https://lg1.logging.admicro.vn/_tracking1.gif?dg=78550e439b1a87e578b51200a1bb5622&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.store&cat=%2Ftag%2Fgame-online-viet-nam%2F&g=0&i=s%3B1683136201498%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B78550e439b1a87e578b51200a1bb5622%3B78550e439b1a87e578b51200a1bb5622%3B%3B-1683136197189%3B0%3B0%3B1898%3B84%3B414%3B-1683136197189%3B-1683136197189&rdm=0.382817320933756&p=%2Findexdavc.php&r=&dg=78550e439b1a87e578b51200a1bb5622&ce=1&lc=&cr=&ui=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: 9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lg1.logging.admicro.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 06:49:30 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:03 GMT

GET
H2 200 cmd_track
amcdn.vn/ 35 B
239 B 225ms
225ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/cmd_track?lsn=78550e439b1a87e578b51200a1bb5622&dg=78550e439b1a87e578b51200a1bb5622&ui=&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.store&p=%2Findexdavc.php&r=&cat=%2Ftag%2Fgame-online-viet-nam%2F&vp=1600x1200
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a2555 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a2555
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 list-09092022v1.min.js Show response
gamek.mediacdn.vn/web_js/ 1 KB
600 B 246ms
246ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_js/list-09092022v1.min.js

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_js/gamek-09092022v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.374e65c2706b312b880b5afac720845c /

Resource Hash

0fb48768d4afbe2ae2b680b90443bf4e458c755622e2550bf3989e93ca3c3c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 12 Mar 2023 08:42:59 GMT
server: VCCloud CDN / 247.374e65c2706b312b880b5afac720845c
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
xcache-created-at: Wednesday, 15-Mar-2023 15:45:19 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 arf-360.min.js Show response
media1.admicro.vn/cms/ 85 KB
8 KB 234ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-360.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17069 /
Resource Hash: 534fb3bf760b3ec8d347f30f85b2de955d6a4052161b39e2a615dfcddaba3faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17069
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 16:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4459
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 18:35:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
27 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 May 2023 17:50:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27428
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: elDF1fIPDne5I/6F1pLTrwTYEdKRJb4g3iQfAtZTBbvYfGPtTXkr+3sFclz9zzNiauIBcCnFHE6TBTAqK0iruA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 63ms
20ms Script
text/javascript 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 15:58:43 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6680
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Wed, 03 May 2023 17:58:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SPFXF87NXW

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3c0b5fae0616b2eb0d3447922bf7fb9c0508c6adec107accb4767bf9b5c894e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SPFXF87NXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ4QL46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f13dfb1c4185b555c42f610c21bdbfd60cd543d1b6e07850d5a741b5bb01d555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79643
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-748929497

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f418e41e3ceb8b627a8a961ea24a7eaa52cbc7cb8bf0ddc997b75bc2035df64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52433
x-xss-protection: 0
last-modified: Wed, 03 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 17:50:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 15ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=473185837&t=pageview&_s=1&dl=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ul=en-us&de=UTF-8&dt=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1511502260&gjid=1203002627&cid=449717621.1683136203&tid=UA-34575478-19&_gid=274602505.1683136203&_r=1&_slc=1&z=1030297244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k8ccwwesx.store/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=473185837&t=pageview&_s=1&dl=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ul=en-us&de=UTF-8&dt=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=575860920&gjid=1493521284&cid=449717621.1683136203&tid=UA-143999657-2&_gid=274602505.1683136203&_r=1&_slc=1&z=1791168634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k8ccwwesx.store/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
198 B 22ms
21ms Image
image/gif 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=169156175&utmhn=k8ccwwesx.store&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&utmhid=473185837&utmr=-&utmp=%2Findexdavc.php&utmht=1683136203352&utmac=UA-46362619-5&utmcc=__utma%3D228882502.449717621.1683136203.1683136203.1683136203.1%3B%2B__utmz%3D228882502.1683136203.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=497354294&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 17:50:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 272928993613453 Show response
connect.facebook.net/signals/config/ 375 KB
107 KB 230ms
229ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272928993613453?v=2.9.103&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1562d52e7ec908dc77567979eefa514e785555a51fa6ecddd56f7edf67e909a9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 May 2023 17:50:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: N3aFqpFi8RGweEYGK2upNZp0fpOWWAs3CvH7k+NVTKlKbQQuy+fSxbAmLaD/P9wUiecIbIYozDn9gl48lXFAEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/748929497/ 3 KB
2 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/748929497/?random=1683136203368&cv=11&fst=1683136203368&bg=ffffff&guid=ON&async=1&gtm=45be3510&u_w=1600&u_h=1200&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&hn=www.googleadservices.com&frm=0&tiba=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&auid=683302837.1683136203&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748929497

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36f72db671128b39b7c0a45e367ef4f85d5a8c59de756b8c3a8cf4d405c250ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-34575478-19&cid=449717621.1683136203&jid=1511502260&gjid=1203002627&_gid=274602505.1683136203&_u=IEBAAEAAAAAAACAAI~&z=1193550261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://k8ccwwesx.store/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 17:50:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SPFXF87NXW&gtm=45je3510&_p=473185837&cid=449717621.1683136203&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683136203&sct=1&seg=0&dl=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&dt=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPFXF87NXW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 67ms
43ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-34575478-19&cid=449717621.1683136203&jid=1511502260&_u=IEBAAEAAAAAAACAAI~&z=961311091

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 65ms
43ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-34575478-19&cid=449717621.1683136203&jid=1511502260&_u=IEBAAEAAAAAAACAAI~&z=961311091

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=24381&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=57&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 arf-jxjxpls5.min.js Show response
media1.admicro.vn/cms/ 12 KB
3 KB 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-jxjxpls5.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17069 /
Resource Hash: fa852ae558d81f45f70172edda0888aa0bc9d2a9b8dd0af065c5fdafd2b66404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17069
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:03 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 224ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=59&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pr_gamek.vn.js Show response
media1.admicro.vn/core/pr/ 18 B
261 B 233ms
233ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/pr/pr_gamek.vn.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17068 /
Resource Hash: 96056e3107d5ec8350a5f06d2540d47ee7532d0f07aa5571871b1bc3cf82aa46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:50:03 GMT
server: ss1/17068
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 42
expires: Wed, 03 May 2023 18:00:03 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 224ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=498&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=60&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=962&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FDC2 91 KB
32 KB 333ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d54acc2f3c80e30c691fb6260a4941f8e4e1c7ef295534e71a7dfc778404b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32214
x-xss-protection: 0
server: cafe
etag: 14858611690954203839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=962&pli=276923&cmpg=1042600&items=276923&cat=%2ftag%2fgame-online-viet-nam%2f&cov=0&pgid=1683136203249268957&uid=7731362023644888841
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/78R430L0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/78R430L0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=360&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sticky.js Show response
adi.admicro.vn/adt/cpc/tvcads/files/js/sticky_220818/ 7 KB
2 KB 226ms
225ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/files/js/sticky_220818/sticky.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.d05023399f66b86079136411dd167ee2 /

Resource Hash

60131c41e4202c29147bab657da90f51429bc4cdb35c16bd807e491358912083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 10:45:09 GMT
server: VCCloud CDN / 247.d05023399f66b86079136411dd167ee2
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
xcache-created-at: Wednesday, 01-Feb-2023 17:45:01 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/748929497/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/748929497/?random=1683136203368&cv=11&fst=1683133200000&bg=ffffff&guid=ON&async=1&gtm=45be3510&u_w=1600&u_h=1200&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&frm=0&tiba=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1303549462&rmt_tld=0&ipr=y

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/748929497/ 42 B
154 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/748929497/?random=1683136203368&cv=11&fst=1683133200000&bg=ffffff&guid=ON&async=1&gtm=45be3510&u_w=1600&u_h=1200&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&frm=0&tiba=GAME%20ONLINE%20VI%E1%BB%86T%20NAM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1303549462&rmt_tld=1&ipr=y

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
100 B 7ms
6ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272928993613453&ev=PageView&dl=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&rl=&if=false&ts=1683136203634&sw=1600&sh=1200&v=2.9.103&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1683136203633.27036260&it=1683136203360&coo=false&rqm=GET

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 May 2023 17:50:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B1AC 91 KB
32 KB 199ms
121ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93eb712aed2c12446379c5364ea343d329061fba7f9490e413d7d087348b5e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32214
x-xss-protection: 0
server: cafe
etag: 12605587003421629065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=57&pli=276920&cmpg=1042600&items=276920&cat=%2ftag%2fgame-online-viet-nam%2f&cov=0&pgid=1683136203249268957&uid=7731362023644888841
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/78R430L0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/78R430L0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A110 91 KB
32 KB 214ms
167ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c231fb1705859e85fe90c24a6ac19723b655c8e6c0ccd30fdea356e1d68a05aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32213
x-xss-protection: 0
server: cafe
etag: 17205070857385873700
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0B17 91 KB
32 KB 216ms
175ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0f7dec02e12ef802d0d33ce2182132222205bfcfa16db5d49240c2bf7e0e4b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32210
x-xss-protection: 0
server: cafe
etag: 2110405211638665098
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=59&pli=jx1inkvw&cmpg=1042599&items=jx1inmdo&cat=%2ftag%2fgame-online-viet-nam%2f&cov=0&pgid=1683136203249268957&uid=7731362023644888841
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/46R5540A1B /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/46R5540A1B
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=59&pli=jx5t3896&cmpg=1042599&items=jx5t39n1&cat=%2ftag%2fgame-online-viet-nam%2f&cov=0&pgid=1683136203249268957&uid=7731362023644888841
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/76R454R0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/76R454R0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8951 91 KB
32 KB 153ms
153ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

218438d9064ed348e8c8dcf0e7e2af9773e570b2b6423126a111cc99fd955011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32211
x-xss-protection: 0
server: cafe
etag: 16177691870400793265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=360&pli=276919&cmpg=1042599&items=276919&cat=%2ftag%2fgame-online-viet-nam%2f&cov=0&pgid=1683136203249268957&uid=7731362023644888841
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/76R454R0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/76R454R0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=jxjxpls5&pgid=1683136203249268957&uid=7731362023644888841&ui=7731362023644888841&cr=1683136202

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:03 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ Frame FDC2 354 KB
119 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store&bust=31074291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4616d49eb72c505c0c7c4d4149da5461d221564483d9a269c3f61f0694874365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122102
x-xss-protection: 0
server: cafe
etag: 6481832557933435769
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ Frame B1AC 354 KB
119 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store&bust=31074265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d6421d13970adb76b5de6b04e1cfb11ccc982792f715e68eb79b08de0bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122069
x-xss-protection: 0
server: cafe
etag: 10688988950784239687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ Frame 8951 354 KB
119 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d5c876612e40f214f4a5583d90a50af75e95c38f2ba63141e92262a26f7a596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122073
x-xss-protection: 0
server: cafe
etag: 5076788894814610631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ Frame A110 354 KB
119 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store&bust=31074266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b46b999110afeb35ec22b707e8402f3f6d96a62f1825955441601aa265544633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122103
x-xss-protection: 0
server: cafe
etag: 1167706500951373360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ Frame 0B17 354 KB
119 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b3b56c9c2982c038bd0ddbf68f4ac9891835e1907baa3acab03567716a131ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122074
x-xss-protection: 0
server: cafe
etag: 17098734205143880972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:04 GMT

GET
H2 200 bundle.js Show response
static.philacct.com/ngvmfg/static/js/ 45 KB
14 KB 1223ms
243ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.philacct.com/ngvmfg/static/js/bundle.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:05 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 08:39:52 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:05 GMT

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame B7CB 45 KB
15 KB 271ms
271ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=618158328194206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df301e77e668dbd4%26domain%3Dk8ccwwesx.store%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk8ccwwesx.store%252Ff3f102ac7ad82f4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fgamek.vn%2Fgame-online-viet-nam.htm&layout=button_count&locale=vi_VN&sdk=joey&show_faces=true&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=02e4c234acd477406c91167f190b08c6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

519d60dc92bdc5c99ad8db226493d19c5aea03d981b378010fb397cf3f5c3841

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 03 May 2023 17:50:04 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: L6PL8q6vO5TY44xmqS3O5hOmekwJQ6wpYwLeXOqF1gB5UctTpKh9euGq4HXxpD8YzAcDDKl9eVKefqDSJ+PH/Q==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B1AC 397 B
605 B 36ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=k8ccwwesx.store&callback=_gfp_s_&client=ca-pub-6366951472589375

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store&bust=31074265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5c438d3d0f71ca6e76f691457bc5570ebc6189bd9adf04a8ff9589523cda27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B1AC 107 B
531 B 68ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B1AC 107 B
456 B 39ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F77 603 B
390 B 384ms
383ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351507&pi=t.ma~as.6721968282&w=728&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203918&bpp=10&bdt=213&idt=176&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=305097339994&frm=23&ife=1&pv=2&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=2019224567&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=213394084&scr_x=0&scr_y=0&eid=44773809%2C44759876%2C44759927%2C44759837%2C31074265%2C44788442%2C44789761%2C44789924%2C31071260&oid=2&pvsid=3806225720832992&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7egnt0t3xgz6&fsb=1&dtd=195

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
expires: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame FDC2 397 B
324 B 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=k8ccwwesx.store&callback=_gfp_s_&client=ca-pub-6366951472589375

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.store&bust=31074291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b0a64bd42803f6e8af33df31e7307a7951dbb07f21e2cd3d68b7fd48b2b07b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame FDC2 107 B
165 B 44ms
26ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FDC2 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5DF6 603 B
69 B 446ms
445ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=6721968282&adk=1592157575&adf=2098014275&pi=t.ma~as.6721968282&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203855&bpp=10&bdt=347&idt=275&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=141230988&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=4812&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44759926%2C44773809%2C44759837%2C44759875%2C31074291%2C44788441%2C44789761%2C44789925&oid=2&pvsid=3214247643899122&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp9qjao4sp7k&btvi=1&fsb=1&dtd=291

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
expires: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272928993613453&ev=Microdata&dl=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&rl=&if=false&ts=1683136204158&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GAME%20ONLINE%20VI%E1%BB%86T%20NAM%22%2C%22meta%3Adescription%22%3A%22game%20%20online%20Vi%E1%BB%87t%20Nam%22%2C%22meta%3Akeywords%22%3A%22game-online-viet-nam%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22GAME%20%20ONLINE%20VI%E1%BB%86T%20NAM%22%2C%22og%3Adescription%22%3A%22game%20%20online%20Vi%E1%BB%87t%20Nam%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22gamek.vn%22%2C%22og%3Arich_attachment%22%3A%22true%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgamek.vn%2Fgame-online-viet-nam.htm%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fgamek.mediacdn.vn%2Fweb_images%2Fgamek-1200x630.jpg%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fgamek.mediacdn.vn%2Fweb_images%2Fgamek-1200x630.jpg%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22og%3Aimage%3Awidth%22%3A%22600%22%2C%22og%3Aimage%3Aheight%22%3A%22315%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.103&r=stable&ec=1&o=30&fbp=fb.1.1683136203633.27036260&it=1683136203360&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 May 2023 17:50:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A110 12 B
100 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=k8ccwwesx.store&callback=_gfp_s_&client=ca-pub-6366951472589375&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A110 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A110 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 592A 20 KB
9 KB 483ms
482ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014273&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203978&bpp=10&bdt=241&idt=192&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=584764907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=265&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C31074266%2C44788441%2C44789761%2C44789779&oid=2&pvsid=2091338123323422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5w994cbwk55w&fsb=1&dtd=208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e539941cb311e6e78f14367925ffad0a4375ede1609ea99697836b9112ec5f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
expires: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8951 12 B
53 B 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=k8ccwwesx.store&callback=_gfp_s_&client=ca-pub-6366951472589375&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8951 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8951 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9C3 71 KB
28 KB 455ms
455ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=8198676162&adk=3372607032&adf=2098014303&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203966&bpp=11&bdt=171&idt=237&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=724927852&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=5422&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C42531705%2C44788441%2C44789761%2C44789925&oid=2&pvsid=960905417375282&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ukx236s1szsk&btvi=1&fsb=1&dtd=251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a825d7f32c342c0918c688208cfee5034c4bae82b19d3d895dd1136a6f47d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
expires: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
224ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=57&pli=276920&cmpg=1042600&items=276920&cat=%2ftag%2fgame-online-viet-nam%2f&cov=2&pgid=1683136203249268957&uid=7731362023644888841
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/88R3430A1B /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/88R3430A1B
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0B17 12 B
53 B 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0B17 107 B
122 B 20ms
19ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0B17 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k8ccwwesx.store

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08C4 603 B
69 B 364ms
363ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014272&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203994&bpp=10&bdt=251&idt=236&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=393648676&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44773809%2C44759837%2C44759875%2C44759926%2C44788441%2C44789761%2C44789925&oid=2&pvsid=4331248582009054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.erxleja41ask&fsb=1&dtd=257

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
expires: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=59&pli=jx1inkvw&cmpg=1042599&items=jx1inmdo&cat=%2ftag%2fgame-online-viet-nam%2f&cov=2&pgid=1683136203249268957&uid=7731362023644888841
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/46R5540A1B /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/46R5540A1B
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 225ms
225ms Image
image/gif 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&zid=59&pli=jx5t3896&cmpg=1042599&items=jx5t39n1&cat=%2ftag%2fgame-online-viet-nam%2f&cov=2&pgid=1683136203249268957&uid=7731362023644888841
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/76R454R0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/76R454R0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame B7CB 299 B
546 B 7ms
7ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=618158328194206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df301e77e668dbd4%26domain%3Dk8ccwwesx.store%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk8ccwwesx.store%252Ff3f102ac7ad82f4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fgamek.vn%2Fgame-online-viet-nam.htm&layout=button_count&locale=vi_VN&sdk=joey&show_faces=true&width=450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: 5tFPkj3lU+MSEZFKzVHE7NjFBH1kQON+12Ndu0WhK1w/Pps2zpxSTdA6ddeClVg90COmuD1y8ETdYI3Opu73wQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 02 May 2024 00:18:24 GMT

GET
H2 200 42u84PpgTPB.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSa94/y-/l/vi_VN/ Frame B7CB 513 KB
133 KB 22ms
8ms XHR
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSa94/y-/l/vi_VN/42u84PpgTPB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0535b2dd5b534b752aa5b1774246f26c5e20f5ff5952dca8a64e9b1af4763bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SUdiqY8KsIaNbkKOOcV2Iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 135890
x-fb-rlafr: 0
x-fb-debug: 12GqArzqieFT4XjEocbDEXsAFRomg3I2ohbi0nnQVFfkBX3mb/kqU+JENqp4px//mExjOZ4TszJIF+AljWA9NQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 01 May 2024 01:46:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592A 42 B
63 B 109ms
108ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEYL3hQAVV7gloYUmSTjciUBu5kNGT4pGj43N88JsUCjwH2V3zPhBdD2M7IwJDKnQ7UNYOQwvFJxTCSZGGN0ol8emhimoHuplXPNHdyNwxH7UtAgA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014273&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203978&bpp=10&bdt=241&idt=192&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=584764907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=265&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C31074266%2C44788441%2C44789761%2C44789779&oid=2&pvsid=2091338123323422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5w994cbwk55w&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592A 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11445927840847070687&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 592A 78 KB
27 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 592A 3 KB
1 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 592A 19 KB
8 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:34:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 592A 0
0 15ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-DipUfd4aZk_4MqKvC32HFOsuobZYoVhABpZ8HwNxP4dOI1qoEAkjfuhBqSklCaLaq8d_NNJI0kmcBeV-5yanA83zFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014273&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203978&bpp=10&bdt=241&idt=192&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=584764907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=265&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C31074266%2C44788441%2C44789761%2C44789779&oid=2&pvsid=2091338123323422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5w994cbwk55w&fsb=1&dtd=208
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 592A 160 KB
49 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5A89 624 B
242 B 47ms
47ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNUlZEqo7ClygDOPh81yWlBHNbDjNFYE6chOvKgxi07wtjAAhYUdJcH5gKFJcmPnOpZ3PK9pehI6agh8qbdWXlz8GTNzTB6sMe7EdGCrOxIJbK50bS0uuaNMFO0WJRbqGkuFhK_JhwdOUh6wR3_En3X6OtKPwRy6YIW-briGatvxyWlio4g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014273&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203978&bpp=10&bdt=241&idt=192&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=584764907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=265&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C31074266%2C44788441%2C44789761%2C44789779&oid=2&pvsid=2091338123323422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5w994cbwk55w&fsb=1&dtd=208
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12133188066651366145
tpc.googlesyndication.com/simgad/ Frame E9C3 102 KB
102 KB 32ms
13ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12133188066651366145

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=8198676162&adk=3372607032&adf=2098014303&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203966&bpp=11&bdt=171&idt=237&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=724927852&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=5422&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C42531705%2C44788441%2C44789761%2C44789925&oid=2&pvsid=960905417375282&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ukx236s1szsk&btvi=1&fsb=1&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65278bdabf96ce77a8ac2995147edcbf3608a5e1233e778e0863915a9331edb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 01:19:49 GMT
x-content-type-options: nosniff
age: 405015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104340
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:23:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 01:19:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame E9C3 22 KB
9 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:35:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame E9C3 3 KB
1 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame E9C3 19 KB
8 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:34:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E9C3 0
0 16ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_1kFs5SIHWY-g0TYG5FOYcUUQaehdNHeenQyUzYdeTWTiV0V0z14salVpnCk8teDFoQZNODBUdMv4LLyuCNm_cwXRXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=8198676162&adk=3372607032&adf=2098014303&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203966&bpp=11&bdt=171&idt=237&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=724927852&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=5422&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C42531705%2C44788441%2C44789761%2C44789925&oid=2&pvsid=960905417375282&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ukx236s1szsk&btvi=1&fsb=1&dtd=251
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9C3 160 KB
49 KB 35ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:04 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame E9C3 32 KB
13 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb62fff5455c97f66ddb233cfba61136f51bf98e4fbd9ec7c203a62ab1012417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13019
x-xss-protection: 0
server: cafe
etag: 8496199140094913793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 18:13:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0CC4 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=8198676162&adk=3372607032&adf=2098014303&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203966&bpp=11&bdt=171&idt=237&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=724927852&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=5422&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C42531705%2C44788441%2C44789761%2C44789925&oid=2&pvsid=960905417375282&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ukx236s1szsk&btvi=1&fsb=1&dtd=251
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 02F5 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Thu, 04 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E9C3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc850d8e6964c31758d6d1ea7db7de2c4d11db71ccc93f1813649e77727f6014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5A89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNUlZEqo7ClygDOPh81yWlBHNbDjNFYE6chOvKgxi07wtjAAhYUdJcH5gKFJcmPnOpZ3PK9pehI6agh8qbdWXlz8GTNzTB6sMe7EdGCrOxIJbK50bS0uuaNMFO0WJRbqGkuFhK_JhwdOUh6wR3_En3X6OtKPwRy6YIW-briGatvxyWlio4g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 17:50:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5A89
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFKezGZV2BlYFJLo-UAf7QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNUlZEqo7ClygDOPh81yWlBHNbDjNFYE6chOvKgxi07wtjAAhYUdJcH5gKFJcmPnOpZ3PK9pehI6agh8qbdWXlz8GTNzTB6sMe7EdGCrOxIJbK50bS0uuaNMFO0WJRbqGkuFhK_JhwdOUh6wR3_En3X6OtKPwRy6YIW-briGatvxyWlio4g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 17:50:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHq1BDMwuea9EMUfR7gnQHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5A89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAWlKJSpE2ooDvO94zR4fm0&google_cver=1

43 B
1 KB

19ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAWlKJSpE2ooDvO94zR4fm0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNUlZEqo7ClygDOPh81yWlBHNbDjNFYE6chOvKgxi07wtjAAhYUdJcH5gKFJcmPnOpZ3PK9pehI6agh8qbdWXlz8GTNzTB6sMe7EdGCrOxIJbK50bS0uuaNMFO0WJRbqGkuFhK_JhwdOUh6wR3_En3X6OtKPwRy6YIW-briGatvxyWlio4g

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 17:50:04 GMT
AN-X-Request-Uuid: c8808977-97c7-4f7b-8ad6-2197a1e5e1b0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAWlKJSpE2ooDvO94zR4fm0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A89
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 03 May 2023 17:50:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 11d6ee51-c25d-431a-913a-4db065a296df
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02F5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK1HkLDYshFgbop-P-akap8&google_cver=1&google_push=ATf1kGOcNo7nYXrxBD4kWlLrgwdb735aZo1i_e5UZe0y0I1npfUCoiv-J7BHqh4OKCTr-SDxxDQ4Qm3gDa60p7UO...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOcNo7nYXrxBD4kWlLrgwdb735aZo1i_e5UZe0y0I1npfUCoiv-J7BHqh4OKCTr-SDxxDQ4Qm3gDa60p7UOL29XdKBYE9E

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOcNo7nYXrxBD4kWlLrgwdb735aZo1i_e5UZe0y0I1npfUCoiv-J7BHqh4OKCTr-SDxxDQ4Qm3gDa60p7UOL29XdKBYE9E

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 03 May 2023 17:50:05 GMT
Server: MT3 830 785530e master nrt-pixel-x20 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOcNo7nYXrxBD4kWlLrgwdb735aZo1i_e5UZe0y0I1npfUCoiv-J7BHqh4OKCTr-SDxxDQ4Qm3gDa60p7UOL29XdKBYE9E
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 03 May 2023 17:50:04 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 02F5 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02F5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPkV36ZO8hZKLD9QpQsDSZw&google_cver=1&google_push=ATf1kGMhzLEBny9xS2Fj3dk04Mh34pOSmBGDVVNt1sWrC52JCqFPCIVzV1xauN78oLpnQSpFdEHVcL_lxisiIFbxtW4UqHhOZA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D6F041C3663422B887DA9164EE94A59&google_push=ATf1kGMhzLEBny9xS2Fj3dk04Mh34pOSmBGDVVNt1sWrC52JCqFPCIVzV1xauN78oLpnQSpFdEHVcL_lxisiIFb...

170 B
188 B

18ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D6F041C3663422B887DA9164EE94A59&google_push=ATf1kGMhzLEBny9xS2Fj3dk04Mh34pOSmBGDVVNt1sWrC52JCqFPCIVzV1xauN78oLpnQSpFdEHVcL_lxisiIFbxtW4UqHhOZA

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 May 2023 17:50:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D6F041C3663422B887DA9164EE94A59&google_push=ATf1kGMhzLEBny9xS2Fj3dk04Mh34pOSmBGDVVNt1sWrC52JCqFPCIVzV1xauN78oLpnQSpFdEHVcL_lxisiIFbxtW4UqHhOZA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 02 May 2023 17:50:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02F5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHs5kiO0RBtG6P3rUw_fw2g&google_cver=1&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gv...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHs5kiO0RBtG6P3rUw_fw2g&google_cver=1&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zA...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=722dc26b-525f-44d3-b660-e6cb27949596&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gvJveM4cY&google_hm=yyIAvG0qTAONnSpIit4xjA==

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gvJveM4cY&google_hm=yyIAvG0qTAONnSpIit4xjA==

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMe47v840nkoxHgmvjokVtUi8JPg9LMWGMrmu2VCX1iflzalAjpoio45dDvK28SZf4v7Dafrb_J7A-2zAc-f2gvJveM4cY&google_hm=yyIAvG0qTAONnSpIit4xjA==
date: Wed, 03 May 2023 17:50:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 02F5 43 B
351 B 37ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDujWfjnc9qYAzFMaum3r0M&google_cver=1&google_push=ATf1kGOU7it8MjJTuJWadcbml9yWfzKyN08UbKEnnZOn10xmf9DvGS7u6_uBma5GfXp7PdZOJ07PGZmRy8pBM5C8PkXyWJbV08A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=600&slotname=8198676162&adk=3372607032&adf=2098014303&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203966&bpp=11&bdt=171&idt=237&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&cookie=ID%3D4f1399e1dd6401f9-2249b24eb8dd004a%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug&gpic=UID%3D00000bf51c913968%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=724927852&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=5422&biw=1600&bih=1200&isw=300&ish=600&ifk=3194483421&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C42531705%2C44788441%2C44789761%2C44789925&oid=2&pvsid=960905417375282&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ukx236s1szsk&btvi=1&fsb=1&dtd=251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 71akm4go7qm9fmdv1h2n3dh27p44hb0k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02F5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHdNSyQUEwlSKnvLfpv_Vvs&google_cver=1&google_push=ATf1kGOuhU3M9sXWxWUis51XWc85LnneQhfBG9ypfviE2ZJJVqFxfImRi9WGe9hEcmdTngjVYHr...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3RlAtMTYtUlJH&google_push=ATf1kGOuhU3M9sXWxWUis51XWc85LnneQhfBG9ypfviE2ZJJVqFxfImRi9WGe9hEcmdTngjVYHr1QfK2a15wkrI6099ceNFJvDQ

170 B
188 B

21ms
19ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3RlAtMTYtUlJH&google_push=ATf1kGOuhU3M9sXWxWUis51XWc85LnneQhfBG9ypfviE2ZJJVqFxfImRi9WGe9hEcmdTngjVYHr1QfK2a15wkrI6099ceNFJvDQ

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3RlAtMTYtUlJH&google_push=ATf1kGOuhU3M9sXWxWUis51XWc85LnneQhfBG9ypfviE2ZJJVqFxfImRi9WGe9hEcmdTngjVYHr1QfK2a15wkrI6099ceNFJvDQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02F5
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIoryW8k9my_fUcvla51oDw&google_cver=1&google_push=ATf1kGOnWEQLn707PDqMYjQLCWSlJm6XsAuTKfO59CrHpW5mIP-ecGvdP4qvzLTrywR7vTD97Gl2an1-0RPp5xjd...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOnWEQLn707PDqMYjQLCWSlJm6XsAuTKfO59CrHpW5mIP-ecGvdP4qvzLTrywR7vTD97Gl2an1-0RPp5xjdRkvRTsjQ1oU

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOnWEQLn707PDqMYjQLCWSlJm6XsAuTKfO59CrHpW5mIP-ecGvdP4qvzLTrywR7vTD97Gl2an1-0RPp5xjdRkvRTsjQ1oU

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 May 2023 17:50:04 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOnWEQLn707PDqMYjQLCWSlJm6XsAuTKfO59CrHpW5mIP-ecGvdP4qvzLTrywR7vTD97Gl2an1-0RPp5xjdRkvRTsjQ1oU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: g2ZBYS7yLdJ4xlF3ZnZBRLZeRQ-GFD4mB62OM9fFd85jWL7vGfXYgA==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 02F5 0
59 B 15ms
14ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9ZD6cKM460fqVF5KeWt55OJG3O3_18rp9qKXp-IGKeoKcicU5LrF3fur06ZSLwUpDiCjT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0CC4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
16ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
expires: Wed, 03 May 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592A 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5797956996296&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592A 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5797956996296&version=m202301230201&ct=76&x=1&cor=11445927840847071000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 592A 90 KB
36 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDusFsDnTokTQ-KhMvSPsSQ7W5rS_-zLqCX8p_WksulK9p5q8AnsB-mpG75UUxInm6oXQpy0q1DnvaMZz-ac3QwsXGtcEukL50BeuLWt_gSzhtAx6JQg3NvVP64tB11g4lUdVY6ptZabuWvrnMn-n_iGJ9ZmtArPA7PM7M0PgvGdcs5CI&dbm_d=AKAmf-CstCuvk2cgSH6Lq8c1SUXmj-Zw6KIlVB5R8CQla1auW9KO_7ligCEf7JDx_cL5jebNTxOjCf9G238CrxxcER1BorBh5ZTkOE2ePfFFC6lSkK_XDmtDM7ujW8vdSMDPRE1uo_7mvWqQP_wCKsty1UjtUKtQyThRFB_sPRCFZY7I1iG_UPZ9XLrQJb20zbourTATOcgAQEl6w4LSpIjD-HA8VNv63CYZ0hw5muj6e7YKJzfNVKYKRf2ij3WQNnS9cYufzBu-N9iv12Vg1l5VxCY4hjwh6lxOR0toPz23NEsuM5-Ro_xQLLHi-gHDl28EBiKUH4oFdBbXK-4QeTUqwGwPnWASK6u0Jho4ZmPTsiathvEZqxUvgdofXdmqXP89hW_EQlVlraOyaHK5oi4w7ZhqMzFsQQiThCGOsr12ntMgae8j8efJ1fE3z79txInBKxSj7IozF6nB_1Z13F1q6IB_3cY58ZepsxyizYyu91t3ANAXDGMo9jDE3ifW9L6VDmLmRH-GCKMt7bU8dnQZUBLEizvPVr0NsyjkaHe1VLN7seJJU8gm7wVFOraYHZcnDFALPwEKOXEDI9iBqEKFBt9AtjC_r1JRzVFI56V6d48v1njo2p87_dYFiVjd3CB0sFG5_XWoJeJC0JSzf5cO5gR4Pu00K5KOlZW2MRupOHqV3IoA4GNMSmOm6VJkxSQjycw-ZIt_F45i0DaJDS0B-lv0q9Je-oSXnQRyi7at3-dYv_bfNKOHjW0GvpCClwl3GKRoqwvfeqgK0NlSHwHxlmMFHOL_w-kQZV5OqXxlFFUiWtkwLTjKX5l_ZXpN_izUqdr3MzZ39czRBrusq0ArGQIGf6EucUtNziHrfk1Hcfy-WPbsuRC-SOvdzOw-o0rlSiBeIbAP-PfTqpSmDpZjKz2UR5yIcUuPIcFcnV3RO-bcU2k81DYlRyvVe-7-i98_7m1Sf3oBAbV-PSCg556byHsI2bVP4QFI3GlSnR9nhCdvzZspdVlepQitJ4ZY-VHHzNAv5WZBCP9IO2lGo_m5xziFh8z0nidC5mdst3uZWMDILlxTsmqupWVizfbCQmDhoTktYUd8TweHCTrprT9eNagxcMDgXDorBBbVGKeyJqZ3k-f-PsTlpd-uR1zD_fsJ_R5TpRAup7qmARvDZ9LaXNEaOGhxyeAcGzHFYu6NezZYGVcwIDYTYDfr2dxQRmP9HDMuWdYA5V4aTfIPa7laqOuLP4WBSFQEERvBp_f5TFOmkYZPxlnIuBt9GKGLbU4bjW-cGJs36k-OkLS0DddwMWtg3c8wvrtZ7Xcs2KYnsL9JYd-Ajc8vL4W_SLluI3aqhnMKUsvsOQWl5vzVu6rWlffWCDzFLfT_y9G4_AT4AO2-Ny3ZbEetpRC3Ua35pjbdw9Z4sJy-yIQ3qeQRkL54P0dsLfqKJMRUyqkwcTS7HJVUGv-KmlBBRuMl7dApsW61oCQWItAqYzLaQo6H75MGi2FMVL8-8Jxh43hWYwd3N1JfEg42xE8qYP-HGjLXbDKlz0X240JLR5hZQvgE-f1b_RQGP5wt-MjFnr27XsMydAhkrWh0f7ACJj9KfXc_TRYbnCMca4wkajmFyAzGX_lVqO4nbd4IJQcuGKmeeeu_pbkvFMEJ5WO0Aaj7m2rFt28IsdAwqLdK4qmZl1m-n-FVR35WPrW9YVvLVNhkLwCLUuridihCaMbAqr8DTztrBLKAJGepIXi0zWW1aZ7Q-JNh1UulLIsOCSPhZtJuMkoKyWMfBJ7oTxfOlgcgvDJHtjST2KADB8zbg4rHwFzaIzSXkVWsNXNMeS-LEZY0ozCZbZT3zKVryK2RgXgD5LKzztl2RMdNF3En0sIrWgLSZOGFcdSbyfsF7NQbL1367YFLGJiy8Gt2O_sTbf6Rnb7rY5knQlg_nhbi1tvaorl1iMr74-XQTWvsTMTVvOG_2DcmIDETxIYh9bL8kaHbtyP6nQkfCgCzrMriLuUj2e5cXAAY_J9NUcB-n7OzgF_6QYjSHdBqC5FMK6koIlEvuEPbtauPeVsdyYj5AxELeMqrV33wfCQSxzo0-Q9LAEuxz-281eoezonMYvgjN4AA42K88BNTzForKVixeoLkzNOtLud1LTh-yfhxxwMcpOrEE0wFRoUeX-u6wYSRdMZw0GpHyosHJM-MtzdawTcUISn5YnPfMKZOiGuSyLHOSoOR8XK87T-vKXaVg4tkrqtikfhNx4nVK9i-kM-CSmbuvQanPzRp5uxSouzVOb_WZq8AMe1pC7wbjSWBMWRGZx8MsTTArjKJy6KEy8IdeNN2NVX14rGgZCxTXGqibevOT1X5yXD8tFAIM0ulS0joDMM45qeFQ03Ir947_SLExNeigEkgIdWfcBbxRXm_ZHNMwDcQpElxX-dfepKLl2_hXlgMycyeaSX4EG-m_Z-QX_BbNGOoOHQ2tYH4UlpBebW06PKYQ0K4AQxr_VWGJeJxHsWP2r87OeGhNEqa7Syjlw5kC6Buz3NaPlGCxmpvAafru_ndZDnVCTXQzInerC87IDzh0UyxzPuCWig0WsLyNaSkAouIPGGMZo09w_RjiGs_qCqS17e_GEtNuh7E2n3TNf4CHbTCjESaGELXxkHJ6rFDNJeHa0DEE_zG7GyJQUqs_3mcCb-CGgkdBfJ2wfH0ou0yoEf8s2ZmMbOJrvqa3oyc8UzhRncr_cqGR5-s1LuKAz-Kr9cj_mHStjdveU2nyllqCa6F1QOVckZ4axAE2rVqlNtHUq6IYeQMKXcP2v3YVOkAsxx9h_FynjV1d6NEc0gz3ZGpQf0zYQQEvcSkVBOqbB_EajZgJwqM9oWe87vi_RxpUwxVFePn7vGoBGg-l180EVOFiskxDORpsHETHRVoV___2r3MbCoHbHqXa49T1pCsR6HObpiCzS4macIVJAa1PFLk87g2ZXQE5mCZEBsBfhCYvdutJt1pkIfhsspqaFhH4D14Sa7faNx8OjJ1Uy0uFhTkX6gU5QMZyFCOOQZtwEOJJr3CHrNEO2Ag6a5y4tuwFsM4BAexxFN_PfnTQBPCNi-OctCOQOtsf6MdR-hNHxKfam3Zhl-3s1MUZVYLYjga6npV4BcJ95qjAyx8BrnIlWAscwwztbzU21f0KMfS2875Uq2d7VxS7OQP0xi163dsEXDIDud8ljGPr0YPy9xo9S20LPTcSQMtm0C6O1HUYNb-RzWaDuFiQnVLJyiqLxCeXnc_ewQZAono22saZJfzkI-hVG8cnmoBGfxcYq-tGQxEWdyCTZtbsg2P3TtDd_uCp71aX5sIYoyM_BGAayMqm_f2mFuKjOCLocQOaX780gDAe4z1c6K4MZEfsutbhHsFDJ443_a5ddTNPxTxgCCHbPLiVreossfHoe8p1fUNKCv13ZHtfdx-OvwF2_sxrrf9NUIHFiwJA5ivWWEKKobTYbR8sP439nI4TMNIZgms3P5uvAklbpE3ft1HqhDAY7WI1KZx9QinFv7k3_jplb7Xd8TmF3QxY3xW2Bv587o113RevRQeCoJHbjxtySjJLEM2Oa8hDAfq6IMh9qdhRcNbv1BiurE9UJ4OHdHWELD_aZF-e7MNk4vfbdekF2NesEp3n4sGgpxTyHy5xzv0gg_Yi2Kqww7NJ2pqru_aB83SphTy6It1AWXwZ4jYCmPy6lwX86B9eH2Oz0STIis&cid=CAQSPABygQiDvoUtwut5JIDGSwGUN4FfJNpl-8zvpeKLBuMNV91jnyI99Q2MibykjbFeqR2Kt-d0JqTHKtrgpBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fk8ccwwesx.store&ds=l&xdt=1&iif=1&cor=11445927840847071000&adk=497053795&idt=135&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6aa19fb8f4bee0ce6ef084579cea33c7b7c8bd2688a947aedb4bce0b42c21c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=250&slotname=8198676162&adk=3065671642&adf=2098014273&pi=t.ma~as.8198676162&w=300&lmt=1683136204&url=https%3A%2F%2Fk8ccwwesx.store%2Findexdavc.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136203978&bpp=10&bdt=241&idt=192&shv=r20230501&mjsv=m202305010101&ptt=5&saldr=sa&cookie=ID%3Ddf3d13ebe2fbfcd8-22b331d0b7dd00c0%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MZ_nAXVK4RpSATiAPpngIzGg336_A&gpic=UID%3D00000bf51c696b12%3AT%3D1683136204%3ART%3D1683136204%3AS%3DALNI_MaxcC-aXJTq-s-UjOLzD2mJ7OAW3A&correlator=305097339994&frm=23&ife=1&pv=1&ga_vid=449717621.1683136203&ga_sid=1683136203&ga_hid=584764907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=265&biw=1600&bih=1200&isw=300&ish=250&ifk=3194250365&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C31074266%2C44788441%2C44789761%2C44789779&oid=2&pvsid=2091338123323422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5w994cbwk55w&fsb=1&dtd=208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B80 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14620
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:09:05 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 592A 170 KB
59 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 13:53:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/ Frame 592A 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDusFsDnTokTQ-KhMvSPsSQ7W5rS_-zLqCX8p_WksulK9p5q8AnsB-mpG75UUxInm6oXQpy0q1DnvaMZz-ac3QwsXGtcEukL50BeuLWt_gSzhtAx6JQg3NvVP64tB11g4lUdVY6ptZabuWvrnMn-n_iGJ9ZmtArPA7PM7M0PgvGdcs5CI&dbm_d=AKAmf-CstCuvk2cgSH6Lq8c1SUXmj-Zw6KIlVB5R8CQla1auW9KO_7ligCEf7JDx_cL5jebNTxOjCf9G238CrxxcER1BorBh5ZTkOE2ePfFFC6lSkK_XDmtDM7ujW8vdSMDPRE1uo_7mvWqQP_wCKsty1UjtUKtQyThRFB_sPRCFZY7I1iG_UPZ9XLrQJb20zbourTATOcgAQEl6w4LSpIjD-HA8VNv63CYZ0hw5muj6e7YKJzfNVKYKRf2ij3WQNnS9cYufzBu-N9iv12Vg1l5VxCY4hjwh6lxOR0toPz23NEsuM5-Ro_xQLLHi-gHDl28EBiKUH4oFdBbXK-4QeTUqwGwPnWASK6u0Jho4ZmPTsiathvEZqxUvgdofXdmqXP89hW_EQlVlraOyaHK5oi4w7ZhqMzFsQQiThCGOsr12ntMgae8j8efJ1fE3z79txInBKxSj7IozF6nB_1Z13F1q6IB_3cY58ZepsxyizYyu91t3ANAXDGMo9jDE3ifW9L6VDmLmRH-GCKMt7bU8dnQZUBLEizvPVr0NsyjkaHe1VLN7seJJU8gm7wVFOraYHZcnDFALPwEKOXEDI9iBqEKFBt9AtjC_r1JRzVFI56V6d48v1njo2p87_dYFiVjd3CB0sFG5_XWoJeJC0JSzf5cO5gR4Pu00K5KOlZW2MRupOHqV3IoA4GNMSmOm6VJkxSQjycw-ZIt_F45i0DaJDS0B-lv0q9Je-oSXnQRyi7at3-dYv_bfNKOHjW0GvpCClwl3GKRoqwvfeqgK0NlSHwHxlmMFHOL_w-kQZV5OqXxlFFUiWtkwLTjKX5l_ZXpN_izUqdr3MzZ39czRBrusq0ArGQIGf6EucUtNziHrfk1Hcfy-WPbsuRC-SOvdzOw-o0rlSiBeIbAP-PfTqpSmDpZjKz2UR5yIcUuPIcFcnV3RO-bcU2k81DYlRyvVe-7-i98_7m1Sf3oBAbV-PSCg556byHsI2bVP4QFI3GlSnR9nhCdvzZspdVlepQitJ4ZY-VHHzNAv5WZBCP9IO2lGo_m5xziFh8z0nidC5mdst3uZWMDILlxTsmqupWVizfbCQmDhoTktYUd8TweHCTrprT9eNagxcMDgXDorBBbVGKeyJqZ3k-f-PsTlpd-uR1zD_fsJ_R5TpRAup7qmARvDZ9LaXNEaOGhxyeAcGzHFYu6NezZYGVcwIDYTYDfr2dxQRmP9HDMuWdYA5V4aTfIPa7laqOuLP4WBSFQEERvBp_f5TFOmkYZPxlnIuBt9GKGLbU4bjW-cGJs36k-OkLS0DddwMWtg3c8wvrtZ7Xcs2KYnsL9JYd-Ajc8vL4W_SLluI3aqhnMKUsvsOQWl5vzVu6rWlffWCDzFLfT_y9G4_AT4AO2-Ny3ZbEetpRC3Ua35pjbdw9Z4sJy-yIQ3qeQRkL54P0dsLfqKJMRUyqkwcTS7HJVUGv-KmlBBRuMl7dApsW61oCQWItAqYzLaQo6H75MGi2FMVL8-8Jxh43hWYwd3N1JfEg42xE8qYP-HGjLXbDKlz0X240JLR5hZQvgE-f1b_RQGP5wt-MjFnr27XsMydAhkrWh0f7ACJj9KfXc_TRYbnCMca4wkajmFyAzGX_lVqO4nbd4IJQcuGKmeeeu_pbkvFMEJ5WO0Aaj7m2rFt28IsdAwqLdK4qmZl1m-n-FVR35WPrW9YVvLVNhkLwCLUuridihCaMbAqr8DTztrBLKAJGepIXi0zWW1aZ7Q-JNh1UulLIsOCSPhZtJuMkoKyWMfBJ7oTxfOlgcgvDJHtjST2KADB8zbg4rHwFzaIzSXkVWsNXNMeS-LEZY0ozCZbZT3zKVryK2RgXgD5LKzztl2RMdNF3En0sIrWgLSZOGFcdSbyfsF7NQbL1367YFLGJiy8Gt2O_sTbf6Rnb7rY5knQlg_nhbi1tvaorl1iMr74-XQTWvsTMTVvOG_2DcmIDETxIYh9bL8kaHbtyP6nQkfCgCzrMriLuUj2e5cXAAY_J9NUcB-n7OzgF_6QYjSHdBqC5FMK6koIlEvuEPbtauPeVsdyYj5AxELeMqrV33wfCQSxzo0-Q9LAEuxz-281eoezonMYvgjN4AA42K88BNTzForKVixeoLkzNOtLud1LTh-yfhxxwMcpOrEE0wFRoUeX-u6wYSRdMZw0GpHyosHJM-MtzdawTcUISn5YnPfMKZOiGuSyLHOSoOR8XK87T-vKXaVg4tkrqtikfhNx4nVK9i-kM-CSmbuvQanPzRp5uxSouzVOb_WZq8AMe1pC7wbjSWBMWRGZx8MsTTArjKJy6KEy8IdeNN2NVX14rGgZCxTXGqibevOT1X5yXD8tFAIM0ulS0joDMM45qeFQ03Ir947_SLExNeigEkgIdWfcBbxRXm_ZHNMwDcQpElxX-dfepKLl2_hXlgMycyeaSX4EG-m_Z-QX_BbNGOoOHQ2tYH4UlpBebW06PKYQ0K4AQxr_VWGJeJxHsWP2r87OeGhNEqa7Syjlw5kC6Buz3NaPlGCxmpvAafru_ndZDnVCTXQzInerC87IDzh0UyxzPuCWig0WsLyNaSkAouIPGGMZo09w_RjiGs_qCqS17e_GEtNuh7E2n3TNf4CHbTCjESaGELXxkHJ6rFDNJeHa0DEE_zG7GyJQUqs_3mcCb-CGgkdBfJ2wfH0ou0yoEf8s2ZmMbOJrvqa3oyc8UzhRncr_cqGR5-s1LuKAz-Kr9cj_mHStjdveU2nyllqCa6F1QOVckZ4axAE2rVqlNtHUq6IYeQMKXcP2v3YVOkAsxx9h_FynjV1d6NEc0gz3ZGpQf0zYQQEvcSkVBOqbB_EajZgJwqM9oWe87vi_RxpUwxVFePn7vGoBGg-l180EVOFiskxDORpsHETHRVoV___2r3MbCoHbHqXa49T1pCsR6HObpiCzS4macIVJAa1PFLk87g2ZXQE5mCZEBsBfhCYvdutJt1pkIfhsspqaFhH4D14Sa7faNx8OjJ1Uy0uFhTkX6gU5QMZyFCOOQZtwEOJJr3CHrNEO2Ag6a5y4tuwFsM4BAexxFN_PfnTQBPCNi-OctCOQOtsf6MdR-hNHxKfam3Zhl-3s1MUZVYLYjga6npV4BcJ95qjAyx8BrnIlWAscwwztbzU21f0KMfS2875Uq2d7VxS7OQP0xi163dsEXDIDud8ljGPr0YPy9xo9S20LPTcSQMtm0C6O1HUYNb-RzWaDuFiQnVLJyiqLxCeXnc_ewQZAono22saZJfzkI-hVG8cnmoBGfxcYq-tGQxEWdyCTZtbsg2P3TtDd_uCp71aX5sIYoyM_BGAayMqm_f2mFuKjOCLocQOaX780gDAe4z1c6K4MZEfsutbhHsFDJ443_a5ddTNPxTxgCCHbPLiVreossfHoe8p1fUNKCv13ZHtfdx-OvwF2_sxrrf9NUIHFiwJA5ivWWEKKobTYbR8sP439nI4TMNIZgms3P5uvAklbpE3ft1HqhDAY7WI1KZx9QinFv7k3_jplb7Xd8TmF3QxY3xW2Bv587o113RevRQeCoJHbjxtySjJLEM2Oa8hDAfq6IMh9qdhRcNbv1BiurE9UJ4OHdHWELD_aZF-e7MNk4vfbdekF2NesEp3n4sGgpxTyHy5xzv0gg_Yi2Kqww7NJ2pqru_aB83SphTy6It1AWXwZ4jYCmPy6lwX86B9eH2Oz0STIis&cid=CAQSPABygQiDvoUtwut5JIDGSwGUN4FfJNpl-8zvpeKLBuMNV91jnyI99Q2MibykjbFeqR2Kt-d0JqTHKtrgpBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fk8ccwwesx.store&ds=l&xdt=1&iif=1&cor=11445927840847071000&adk=497053795&idt=135&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:37:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 592A 28 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7310c44f614d2e5bf715e47504daf9ed198eacc46fb29894c51e1b84d3e1fa36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10869
x-xss-protection: 0
server: cafe
etag: 11726329994378424975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:37:58 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 592A 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6CEC 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Thu, 04 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 592A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cca0fafdd48c55624c9476a005fc469f112dc3c9e26fa2bc331e48b63867b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38E2 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 346984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CEC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK3Smw13EY6uxt2BLNUopXw&google_cver=1&google_push=ATf1kGPRGIEP3dqQMvmCPeJmqOibz5OwTeXrfzR9dgvn6pGoOEnTi4JBDEGEM8YMDkgTqMzfvj-zXY6tPKGdAGM2Mbicr8C...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPRGIEP3dqQMvmCPeJmqOibz5OwTeXrfzR9dgvn6pGoOEnTi4JBDEGEM8YMDkgTqMzfvj-zXY6tPKGdAGM2Mbicr8CMrLUe56TxbiyQfCdFqqikbGXHnQ-9RzYP0wplZ...

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPRGIEP3dqQMvmCPeJmqOibz5OwTeXrfzR9dgvn6pGoOEnTi4JBDEGEM8YMDkgTqMzfvj-zXY6tPKGdAGM2Mbicr8CMrLUe56TxbiyQfCdFqqikbGXHnQ-9RzYP0wplZ6agkh461F6q0rF1NQg-MBrD&google_hm=eS1qUmdvbS5kRTJwSGlQX2lOUE5vS0l4OUguUzJnWUdnSX5B

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 May 2023 17:50:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPRGIEP3dqQMvmCPeJmqOibz5OwTeXrfzR9dgvn6pGoOEnTi4JBDEGEM8YMDkgTqMzfvj-zXY6tPKGdAGM2Mbicr8CMrLUe56TxbiyQfCdFqqikbGXHnQ-9RzYP0wplZ6agkh461F6q0rF1NQg-MBrD&google_hm=eS1qUmdvbS5kRTJwSGlQX2lOUE5vS0l4OUguUzJnWUdnSX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CEC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pg0rAWHFQGGgiCHeQ75vcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pg0rAWHFQGGgiCHeQ75vcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPZmBhPmbg-lao0Ro0ihpu50nIT4Ybzrf3G7BdypfSiGONFyIjtcvH7Nl0UpXpqpL5fZ7C2-HB6GhtL71mPL6lKgki1DS8YGeH7GkrDplMQnBWxjI61O7vQwd22xlyZ8PsjLlnaHwVj3JjHO8AvDkQ

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pg0rAWHFQGGgiCHeQ75vcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPZmBhPmbg-lao0Ro0ihpu50nIT4Ybzrf3G7BdypfSiGONFyIjtcvH7Nl0UpXpqpL5fZ7C2-HB6GhtL71mPL6lKgki1DS8YGeH7GkrDplMQnBWxjI61O7vQwd22xlyZ8PsjLlnaHwVj3JjHO8AvDkQ
date: Wed, 03 May 2023 17:50:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CEC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFCYqM4WTT7jEER3_rnMoBo&google_cver=1&google_push=ATf1kGMiz7_sf8jz3EUIw_SJFrsYCfomlwV_6NSiHtpSMR49t1dGsUWz7GxLHgKqyat7A-gNlRm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3SlYtMTMtOE5aNQ==&google_push=ATf1kGMiz7_sf8jz3EUIw_SJFrsYCfomlwV_6NSiHtpSMR49t1dGsUWz7GxLHgKqyat7A-gNlRmZD8d7nggN4HBKc8Y1zNbQ-H_4j...

170 B
188 B

21ms
20ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3SlYtMTMtOE5aNQ==&google_push=ATf1kGMiz7_sf8jz3EUIw_SJFrsYCfomlwV_6NSiHtpSMR49t1dGsUWz7GxLHgKqyat7A-gNlRmZD8d7nggN4HBKc8Y1zNbQ-H_4jj2sEPaEFmxc6bCcIUCjb_-mxlZRp1xHmC_IiRcEKB9xNridr3OGLr05

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3WlU3SlYtMTMtOE5aNQ==&google_push=ATf1kGMiz7_sf8jz3EUIw_SJFrsYCfomlwV_6NSiHtpSMR49t1dGsUWz7GxLHgKqyat7A-gNlRmZD8d7nggN4HBKc8Y1zNbQ-H_4jj2sEPaEFmxc6bCcIUCjb_-mxlZRp1xHmC_IiRcEKB9xNridr3OGLr05
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CEC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM7zJ2T8_8qdb4FIO5Hifos&google_cver=1&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM7zJ2T8_8qdb4FIO5Hifos&google_cver=1&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B4y84-Ch6TSGRK6jBSG3LvfbmvCpLCGhz2GofpS0YeDfi...

170 B
188 B

17ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B4y84-Ch6TSGRK6jBSG3LvfbmvCpLCGhz2GofpS0YeDfiO2Z9vJg_FoLPINXR4ErR_5H&google_hm=GlbuvGZH_gPswSUwS06cW7DF

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 03 May 2023 17:50:05 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMoklQhXQ0evTxRWaf4NqQoudawB5lzDCMopuGlfPEtM-0oLY4bCVnnmx5dyQbmD-z_Adm8uQrvZO19hN5_B4y84-Ch6TSGRK6jBSG3LvfbmvCpLCGhz2GofpS0YeDfiO2Z9vJg_FoLPINXR4ErR_5H&google_hm=GlbuvGZH_gPswSUwS06cW7DF
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 6CEC
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENo2CLIodESrAMldx_tTrF8&google_cver=1&google_push=ATf1kGOF3gQ97Ip5TBe-zLOwwWdTAEHgxf128HFUjwHFZqLQjImNCLy-rbmLdkIBp_YSAh0GxyZqwF7sCb5...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOF3gQ97Ip5TBe-zLOwwWdTAEHgxf128HFUjwHFZqLQjImNCLy-rbmLdkIBp_YSAh0GxyZqwF7sCb5pJceBDrCOjUzsWPEmnqREXvZZzqVV_eBu9J4A...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CEC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJEXOnldDB0sjTmWFIXr3ms&google_cver=1&google_push=ATf1kGM2HvijTHbji...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D&google_gid=CAESEJEXOnldDB0sjTmWFIXr3ms&google_cver=1&google_push=ATf1kGM2HvijTHbjiWp880ekLPEFMMcnP2...

170 B
188 B

20ms
19ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D&google_gid=CAESEJEXOnldDB0sjTmWFIXr3ms&google_cver=1&google_push=ATf1kGM2HvijTHbjiWp880ekLPEFMMcnP2u3IoQ9rFtiAqCo7xl1nIkkoOfM6ehtCxJl4us4Kp4FjY-emQ7vLYHJr6SDLCQA2JOjwR-p0TG6RqnrPttBH78xdH8EPhviku7hd6wcfitYrsneNxYgqx91AYYpxw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 03 May 2023 17:50:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1e682a73-2b64-41d1-8b78-0f8aa1da8c4d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzI3OTM2NDczNzIzODkzNTgwMg%3D%3D&google_gid=CAESEJEXOnldDB0sjTmWFIXr3ms&google_cver=1&google_push=ATf1kGM2HvijTHbjiWp880ekLPEFMMcnP2u3IoQ9rFtiAqCo7xl1nIkkoOfM6ehtCxJl4us4Kp4FjY-emQ7vLYHJr6SDLCQA2JOjwR-p0TG6RqnrPttBH78xdH8EPhviku7hd6wcfitYrsneNxYgqx91AYYpxw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CEC
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKWlkyLH-...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cb2200bc-6d2a-4c03-8d9d-2a488ade318c&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

16ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cb2200bc-6d2a-4c03-8d9d-2a488ade318c&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cb2200bc-6d2a-4c03-8d9d-2a488ade318c&%%GOOGLE_PUSH_PAIR%%
date: Wed, 03 May 2023 17:50:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6CEC 0
12 B 15ms
14ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2-VB7cCuCpxxRSAFqS3hP9Vhb0DuzZNRolIvB_Qwdm1MOwmpfg8o56AzjlBEh9oz9lmPI2GUe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16903489346352849191/ Frame CAD6 15 KB
2 KB 30ms
16ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e728fe40da58cadf21a03d28ed7d43ccc98bc825c608596883052911b570476c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2271
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:05 GMT
expires: Thu, 02 May 2024 17:50:05 GMT
last-modified: Thu, 16 Feb 2023 16:01:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 592A 0
0 89ms
54ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSTaxDhuUMUYckaVvpmxTqsBtlsJCAxUdNHkPgNkSuojcRfdk3ipLuMsuF3XgQ9fkW_8Lud6hQAQQWi71Ama7HmsqnvHGvyIMy4MivETQ3U6OX7cnb9l2RMch3sn9MmBjgJWBEpXagNMIg_NPSJyy1swVAmjl6oE99HFe6Qob0osmgjhKbNZs4JBJWnCX_3YrM521jfd9alIKSpaRKo6IX3iu5csQXB6QKWA6MMHPFJbrtw_naO5Oiie6NFFQEKbyvs_6nR8afA-DCKzArZg2imJOGpc-5VBQdMrBGuvOjrc6UVn_Z8RZu9GKdU06ePHuFrym_GMqsxGFBcDNWz8exa1FeYlBuy13quQHR6lf_4QVy4rFg0RdtXYLa606zzFcQyGb5jSXvWg4B198KIlxPwgBrM4vEsegUXcS2yZlVUtFivmagmcFp_yUsRkwIS75cyjsUeBR7jzucoxuldSFamg1TRH9_l_OvL7TW2PA9vxsO3HijyOa-easR5Wt-r5tP3Yewr2QI-KOh8ey18GimG2SsOJKYVPX1kSq0T5U4jpo5_jeq7FU557qe-dOlPyXjcFLXgPR2qJ56Hv28iDWeLYGXCjkyFV1V7B6nSrB11Ovdm7K1fMbtJQf_chC_DwzOIF7Wejw4ntBR2AlkvOpYJp6a1l76bOxyHxvYukf_Tu1Xo4qZ7BRS_37iditXtwKAsQz6DPE-6g9tof6pVfj72SCd_tDGHWcpAn0hRQ6Vyv4yhqAcLL29wnDOulHnEaRwpIeSPoT77Qug6GTb6UbOYf3-XPvJre9LtuzBkyipCNWHkfG7fWKkWhC3cZBt-QP9QEznd2vSTZYw0yZyRIAfCtaHhOVbrQ1k0s0KxYSE2DfxURQgqnB5BhYhpDAyVM0SXRyxnMSp1sE2tf1-vbHH3r3IyrL3blaHawidX-q1deTf4trr0h5mpmApv_syG1ULXhPsX9Exx7C3VVZfNuagSacHlb40Ehq6Y6wZH7HfgSkyQDPM8XQB1eFSq7fifA0mmWBoeO7zD80zmWXFW6tRiBTnC0N181tohgSbWTxdNcSb2dNzLa7u1F1bbgIfN5wql0sqShaL_d-ZKu0Q8YRi9QjU49XvPjkbzFLkyr8aZWwXe15hCUAhLhDzb_5NaIpUMRKgDQCY9J5FgT-jkxLIg8aNozSgZuQblQ9S2dlfqcv8tM_ZZj11iMnfzHFbjN1dh06cw540nSyL3-NOyq6iocOoGs7S_bGKZcH2HM8uRdA4HI7YCwZTJFXQdAShvqakCbti-DfbrAFIP1CbtyvKNJUdBtWl&sai=AMfl-YQ0P4gYskAWUwMG7kqE4-RZBca27CYjKfveQtzGlnXyzn7cOzf2M80ZJwRWWMcmhHNnmuh7rY1Xl7Qqgr0WWCySk_1AP5hB8wng6MqKlnNORdX1CXHZPAqsxAwHkzzs8SaebV5LBkuVKT25uxTBXczZL-Pc1ON6XasbiXpqm2AO1zNXmlRvAogHLxAVSIvGP8sI8X0Vh-2sH1m55VJtsA9fzUpGOX-UYo3leSQRN6rjeW3w0JglgfYxmWpRhWE8ABAdRAA&sig=Cg0ArKJSzBMhtbNZ4IVkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=79&cbvp=1&cstd=70&cisv=r20230501.47889&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 May 2023 17:50:05 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:05 GMT

GET
H3 200 FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js Show response
pagead2.googlesyndication.com/bg/ Frame 38E2 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14620
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:09:05 GMT

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/16903489346352849191/ Frame CAD6 8 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4487a470b5b991aee82f852d6038c563fdf8e33f931870d00613828cca7aa619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2258
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:01:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Apr 2024 10:05:54 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame CAD6 118 KB
40 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 23:21:16 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/16903489346352849191/ Frame CAD6 20 KB
5 KB 12ms
11ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345480
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:01:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 17:52:05 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/16903489346352849191/ Frame CAD6 3 KB
1 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16903489346352849191/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:01:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 17:43:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 592A 0
0 45ms
45ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSTaxDhuUMUYckaVvpmxTqsBtlsJCAxUdNHkPgNkSuojcRfdk3ipLuMsuF3XgQ9fkW_8Lud6hQAQQWi71Ama7HmsqnvHGvyIMy4MivETQ3U6OX7cnb9l2RMch3sn9MmBjgJWBEpXagNMIg_NPSJyy1swVAmjl6oE99HFe6Qob0osmgjhKbNZs4JBJWnCX_3YrM521jfd9alIKSpaRKo6IX3iu5csQXB6QKWA6MMHPFJbrtw_naO5Oiie6NFFQEKbyvs_6nR8afA-DCKzArZg2imJOGpc-5VBQdMrBGuvOjrc6UVn_Z8RZu9GKdU06ePHuFrym_GMqsxGFBcDNWz8exa1FeYlBuy13quQHR6lf_4QVy4rFg0RdtXYLa606zzFcQyGb5jSXvWg4B198KIlxPwgBrM4vEsegUXcS2yZlVUtFivmagmcFp_yUsRkwIS75cyjsUeBR7jzucoxuldSFamg1TRH9_l_OvL7TW2PA9vxsO3HijyOa-easR5Wt-r5tP3Yewr2QI-KOh8ey18GimG2SsOJKYVPX1kSq0T5U4jpo5_jeq7FU557qe-dOlPyXjcFLXgPR2qJ56Hv28iDWeLYGXCjkyFV1V7B6nSrB11Ovdm7K1fMbtJQf_chC_DwzOIF7Wejw4ntBR2AlkvOpYJp6a1l76bOxyHxvYukf_Tu1Xo4qZ7BRS_37iditXtwKAsQz6DPE-6g9tof6pVfj72SCd_tDGHWcpAn0hRQ6Vyv4yhqAcLL29wnDOulHnEaRwpIeSPoT77Qug6GTb6UbOYf3-XPvJre9LtuzBkyipCNWHkfG7fWKkWhC3cZBt-QP9QEznd2vSTZYw0yZyRIAfCtaHhOVbrQ1k0s0KxYSE2DfxURQgqnB5BhYhpDAyVM0SXRyxnMSp1sE2tf1-vbHH3r3IyrL3blaHawidX-q1deTf4trr0h5mpmApv_syG1ULXhPsX9Exx7C3VVZfNuagSacHlb40Ehq6Y6wZH7HfgSkyQDPM8XQB1eFSq7fifA0mmWBoeO7zD80zmWXFW6tRiBTnC0N181tohgSbWTxdNcSb2dNzLa7u1F1bbgIfN5wql0sqShaL_d-ZKu0Q8YRi9QjU49XvPjkbzFLkyr8aZWwXe15hCUAhLhDzb_5NaIpUMRKgDQCY9J5FgT-jkxLIg8aNozSgZuQblQ9S2dlfqcv8tM_ZZj11iMnfzHFbjN1dh06cw540nSyL3-NOyq6iocOoGs7S_bGKZcH2HM8uRdA4HI7YCwZTJFXQdAShvqakCbti-DfbrAFIP1CbtyvKNJUdBtWl&sai=AMfl-YQ0P4gYskAWUwMG7kqE4-RZBca27CYjKfveQtzGlnXyzn7cOzf2M80ZJwRWWMcmhHNnmuh7rY1Xl7Qqgr0WWCySk_1AP5hB8wng6MqKlnNORdX1CXHZPAqsxAwHkzzs8SaebV5LBkuVKT25uxTBXczZL-Pc1ON6XasbiXpqm2AO1zNXmlRvAogHLxAVSIvGP8sI8X0Vh-2sH1m55VJtsA9fzUpGOX-UYo3leSQRN6rjeW3w0JglgfYxmWpRhWE8ABAdRAA&sig=Cg0ArKJSzBMhtbNZ4IVkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=172&vt=11&dtpt=93&dett=3&cstd=70&cisv=r20230501.47889&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 17:50:05 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame CAD6 13 KB
6 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 23:47:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CAD6 7 KB
5 KB 63ms
49ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1b24c0429100178d2de9f28c363995ca6c6e432cad1e46ed7ea9bd3778a45ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5599
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E2 0
20 B 114ms
114ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDi7hzJ5SZI-uNL269u8PpqKqsAUAAAAAOAHgBAI&bg=!BQalBlLNAAYcDqajPA47ADkAdvg8Ws6Axt1FLtsRdKG1v6nzUjdV3xLfT2Q19V0EedFpHNaKa4hy1I3PoZlw6nGGufiNV4CtjJsCAAAAWVIAAAACaAEHmQMsUjqcYXonJ8pKHEwRD7XpC8F1zmwsu9ytnoxQB2dHHBHYUmBwVeFv2jXWtvgoXT86h1EE0DIkCuMOYdNCLkR3Oh13UTe8S8lawqLu1MQLTzfqJXaPbCsTNXdxCwGKaDyBgmRsd5sud9EvMRuNja5QSpqsWWERI6DpW0BV9Elc44G1c--e3yGbYrtm5woNr1lm88FYbROFOOOhqAifFZEy3gIEnaCbZXyi4CkMbtNGVWDhPhTgULzbgLWC3OwK9VMyDvbbfjU-7cVddB_EkyR2vOzOm9HEuGqz_5ctadykQn4PbD_FWcKaNNWDRuaWFey5bny3waoJEu-qZiV-bZSViW7Ug-rUanWKy3PiqspzJEbZS4o1mOQtWd4ABw58GbZOE5mUGO4NXKdEshFYuC2zQgNhUOC7-EkYLrlsC2zSAY37Gku9SDSSj1-xGU0qZEBg-U5s7RUGA8kLWYkJAaYC5m5_XTGTj-wpP9lw1DX_UfM_NbF_25Z69RZmzKpwkFiBDafSck78uTlkvAFpXqWIDma4pbFIFz5nnGKVf1hj7WKIrxd8ThPMypIAlo7V1veAG83BjI6U1OIO8aT7q0LHTGM2aBjUBDCc8Xg-X0j7DCTnRUwb-8DcIkFJdGPImQpru-I6yTVh_3YzF2TDT4X7k8RjKRvYVvaIJYmrKaNYM2Ad8bD1bZ5VJsIm8WFUYS1RtrtpScMKy4o55auyI9GiiVh6uSFF03jOB3T4v2EynfjPXUlWR1Z882nMfMu6_JhlmbCbvdCnyWfLWLidzXTGRb3XwHkJe35ecVFDltaBpgJbuPJPYxgkoskTj6XFUKABu5h4aNdlncfFXsjc1-X7GkfQ23e7bmP3W84IS90NdDiV9rndzj1QAHqldgHTroWFM-vIGXzEhN_j2JaO5ww9V9jgL5GQfYxKPgXwbBG4PZrN26xGkBc0SUm_AEXJB6q9S93gdvvIx8gwZGVXSbOtdA-Q6jf-3OxsSOQEI2TfQZePmbFDyy2vS9GoumpOTXUKP13hVfLW_2x-SXQALGm_c3rM8KHP065I2Xdc1RNH5uaV5eu65pS2iledj9w

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame CAD6 98 KB
98 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:36:49 GMT
x-content-type-options: nosniff
age: 796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 17:51:49 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame CAD6 57 KB
57 KB 10ms
10ms Font
font/woff 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:36:17 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 17:51:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CAD6 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 May 2023 17:50:05 GMT

GET
H3 200 FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js Show response
pagead2.googlesyndication.com/bg/ Frame B5DC 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14620
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:09:05 GMT

GET
H3 200 03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png
s0.2mdn.net/4528404/ Frame CAD6 201 KB
201 KB 9ms
8ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d069c59a0c6560c826434ce5ae6084e3fbe9b00e4cfa15b8cd0b52fb5729e3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:21:26 GMT
x-content-type-options: nosniff
age: 23319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206111
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 11:21:26 GMT

GET
H3 200 03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
s0.2mdn.net/4528404/ Frame CAD6 103 KB
103 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c2275346a926539fe51e964a5825e79bdcff0b0f53f55c9681dab96e69be49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:54:14 GMT
x-content-type-options: nosniff
age: 21351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105668
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 11:54:14 GMT

GET
H3 200 03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png
s0.2mdn.net/4528404/ Frame CAD6 201 KB
201 KB 7ms
6ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d069c59a0c6560c826434ce5ae6084e3fbe9b00e4cfa15b8cd0b52fb5729e3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:21:26 GMT
x-content-type-options: nosniff
age: 23319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206111
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 11:21:26 GMT

POST
H2 204 genuuidpc Show response
fgp.philacct.com/ Frame 5B35 0
147 B 714ms
245ms XHR
text/plain 123.30.151.81
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://fgp.philacct.com/genuuidpc
Requested by: Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.81 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Rapidoid /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://k8ccwwesx.store/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 03 May 2023 17:50:05 GMT
server: Rapidoid
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: text/plain; charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 592A 42 B
64 B 112ms
112ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmUQ2s3Ig0NgdrCuvxTuqddJLFTkMapfDPMlUpW3kFLFIHlUxTQMmN5vscobXyAl9rFHM50Py1h5XjRNoIGZ_0Kd-shLM5ICvCC1dIUWf8gTMv5oNwXTw6uQPwltH1hkuQGBG6jg&sai=AMfl-YTZvTUKyL1Cuu5MbbNuKfUnpgUBFFU2cHwVC8a0ATlRzTmvmn3DfNKdcjSnV309av1Soru6uyqZiBDBhHBdrigyFvit8TkxDtliEcTHD2EIof4yCovRIRlw5KEl&sig=Cg0ArKJSzAiwrwihbsBTEAE&cid=CAQSPABygQiDvoUtwut5JIDGSwGUN4FfJNpl-8zvpeKLBuMNV91jnyI99Q2MibykjbFeqR2Kt-d0JqTHKtrgpBgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3065671642&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683136204188&rpt=766&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tl
lg1.logging.admicro.vn/ 38 B
38 B 224ms
224ms Image
text/plain 123.30.151.88
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/tl?dt=1&ii=h1-20191209152433547,h1-178230503164713125,h1-178230503153139517,h1-20200420165025643,h1-20191211160557188,h1-20190403155610289,h1-20191231155841029&d=k8ccwwesx.store&p=%2Findexdavc.php&lsn=1683136201498&ce=1&lc=117&cr=1683136202&ui=7731362023644888841&dg=78550e439b1a87e578b51200a1bb5622&xtr=eyJ0eXBlIjoicGMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.88 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/46R5540A1B /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:06 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/46R5540A1B
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
content-length: 38
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592A 0
20 B 108ms
107ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5797956996296&version=m202301230201&ct=76&x=1&cor=11445927840847071000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
s0.2mdn.net/4528404/ Frame CAD6 103 KB
103 KB 7ms
6ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c2275346a926539fe51e964a5825e79bdcff0b0f53f55c9681dab96e69be49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:54:14 GMT
x-content-type-options: nosniff
age: 21354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105668
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 11:54:14 GMT

GET
H3 200 03082023-005400008-600_500_stern_jetzt-20-GB-extra99df2c33-380e-453a-a6e4-28b19ae3adc3.png
s0.2mdn.net/4528404/ Frame CAD6 25 KB
25 KB 8ms
8ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03082023-005400008-600_500_stern_jetzt-20-GB-extra99df2c33-380e-453a-a6e4-28b19ae3adc3.png

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c01134c8fb953c6e6f93a4692d6384c5f372c3eac2d9fd95a991bd37f1d8a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=8tcsuNcgk9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:16:19 GMT
x-content-type-options: nosniff
age: 56029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25833
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:54:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 02:16:19 GMT

GET
H2 200 dc_oe=ChMIj8Tl_NrZ_gIVPZ39Bx0mkQpWEAAYACC6vfdKQhMI8bnB_NrZ_gIVLbfRBB0TYAXI;stragg=1;&timestamp=1683136208319;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 592A 42 B
401 B 100ms
43ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj8Tl_NrZ_gIVPZ39Bx0mkQpWEAAYACC6vfdKQhMI8bnB_NrZ_gIVLbfRBB0TYAXI;stragg=1;&timestamp=1683136208319;str=Show%20Slide%200;strtype=1

Requested by

Host: k8ccwwesx.store
URL: https://k8ccwwesx.store/indexdavc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOKpJ0r9Gl0MRNbUuAzN2GU&google_cver=1&google_push=ATf1kGOvb2qrD997_KVnLUqHaBevFqod-VJevE1RxL6htApAL4YEoWTcdAHCyszA2nRyJkt-d9nGbb0ACfibilAo2wFqPMmxrQ

Verdicts & Comments Add Verdict or Comment

416 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.k8ccwwesx.store/	1970-01-20 21:08:16	Name: __uidac Value: 78550e439b1a87e578b51200a1bb5622
.logging.admicro.vn/	1970-01-20 21:08:16	Name: __create Value: 1683136202
.logging.admicro.vn/	1970-01-20 11:33:42	Name: uinfo Value: -1
.logging.admicro.vn/	1970-01-20 11:33:42	Name: __tb Value: 0
.logging.admicro.vn/	1970-01-20 11:32:16	Name: __OS Value: 10_Windows+10_+_+_14_113.0.5672.63__0
.logging.admicro.vn/	1970-01-20 21:08:16	Name: __uid Value: 7731362023644888841
.logging.admicro.vn/	1970-01-20 11:32:18	Name: linfo Value: 117_1683136202
.logging.admicro.vn/	1970-01-20 11:32:18	Name: __C Value: 117_1683136202
.amcdn.vn/	1970-01-20 21:08:16	Name: __create Value: 1683136202
.amcdn.vn/	1970-01-20 21:08:16	Name: __uid Value: 5383136202857653364
.lg.nanda.vn/	1970-01-20 21:08:16	Name: __uid Value: 7383136202995348990
.lg.nanda.vn/	1970-01-20 21:08:16	Name: __create Value: 1683136202
k8ccwwesx.store/	1970-01-20 21:08:16	Name: __RC Value: 117
k8ccwwesx.store/	1970-01-20 21:08:16	Name: __R Value: 0
k8ccwwesx.store/	1970-01-20 11:46:40	Name: __uif Value: __uid%3A7731362023644888841%7C__ui%3A-1%7C__create%3A1683136202
.k8ccwwesx.store/	1970-01-20 21:08:16	Name: _uidcms Value: 7731362023644888841
.k8ccwwesx.store/	1970-01-20 11:33:42	Name: _gid Value: GA1.2.274602505.1683136203
.k8ccwwesx.store/	1970-01-20 11:32:16	Name: _gat_GA1 Value: 1
.k8ccwwesx.store/	1970-01-20 11:32:16	Name: _gat_testChannel Value: 1
.k8ccwwesx.store/	1970-01-20 21:08:16	Name: __utma Value: 228882502.449717621.1683136203.1683136203.1683136203.1
.k8ccwwesx.store/	1969-12-31 23:59:59	Name: __utmc Value: 228882502
.k8ccwwesx.store/	1970-01-20 15:55:04	Name: __utmz Value: 228882502.1683136203.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.k8ccwwesx.store/	1970-01-20 11:32:16	Name: __utmt Value: 1
.k8ccwwesx.store/	1970-01-20 11:32:18	Name: __utmb Value: 228882502.1.10.1683136203
.k8ccwwesx.store/	1970-01-20 13:41:52	Name: _gcl_au Value: 1.1.683302837.1683136203
.k8ccwwesx.store/	1970-01-20 21:08:16	Name: _ga_SPFXF87NXW Value: GS1.1.1683136203.1.0.1683136203.0.0.0
.k8ccwwesx.store/	1970-01-20 21:08:16	Name: _ga Value: GA1.1.449717621.1683136203
.k8ccwwesx.store/	1970-01-20 13:41:52	Name: _fbp Value: fb.1.1683136203633.27036260
.k8ccwwesx.store/	1970-01-20 20:53:52	Name: __gads Value: ID=4f1399e1dd6401f9-2249b24eb8dd004a:T=1683136204:RT=1683136204:S=ALNI_MYXKYnQXGm7KDeVdimufzAvRUVnug
.k8ccwwesx.store/	1970-01-20 20:53:52	Name: __gpi Value: UID=00000bf51c913968:T=1683136204:RT=1683136204:S=ALNI_MYtXxHJuscG-Opj-Rv6yw9le87sJQ
.doubleclick.net/	1970-01-20 20:53:52	Name: IDE Value: AHWqTUkQ8XnQLs11L39TWf6w_768Pu1aonxELKTSfIKQh8WrAMmpY3-IoxqKJtz63-E
.adnxs.com/	1970-01-20 13:41:52	Name: uuid2 Value: 3279364737238935802
.casalemedia.com/	1970-01-20 20:17:52	Name: CMID Value: ZFKezGZV2BlYFJLo-UAf7QAA
.casalemedia.com/	1970-01-20 13:41:52	Name: CMPS Value: 1202
.casalemedia.com/	1970-01-20 13:41:52	Name: CMPRO Value: 1202
.adnxs.com/	1970-01-20 13:41:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%uuUZJ<!]tbPl1M>e)ZlrFUfJ+tGXxoPKeO::I1T(jMdNMGcWSQ'SDe[^Na`ajZa_S23If)y3KL9D3I?+8@BL?P
.doubleclick.net/	1970-01-20 11:32:19	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 20:19:18	Name: suid Value: 4D6F041C3663422B887DA9164EE94A59
.bidswitch.net/	1970-01-20 20:17:52	Name: tuuid Value: cb2200bc-6d2a-4c03-8d9d-2a488ade318c
.bidswitch.net/	1970-01-20 20:17:52	Name: c Value: 1683136204
.bidswitch.net/	1970-01-20 20:17:52	Name: tuuid_lu Value: 1683136204
.lijit.com/	1970-01-20 20:17:52	Name: ljt_reader Value: GlbuvGZH_gPswSUwS06cW7DF
.pubmatic.com/	1970-01-20 11:33:42	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:17:52	Name: KADUSERCOOKIE Value: A60D2B01-61C5-4061-A088-21DE43BE6F71
.sportradarserving.com/	1970-01-20 20:17:52	Name: zuuid Value: 722dc26b-525f-44d3-b660-e6cb27949596
.sportradarserving.com/	1970-01-20 20:17:52	Name: c Value: 1683136205
.sportradarserving.com/	1970-01-20 20:17:52	Name: zuuid_lu Value: 1683136205
.sportradarserving.com/	1970-01-20 20:17:52	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 20:17:52	Name: zuuid_k_lu Value: 1683136205
.yahoo.com/	1970-01-20 20:18:13	Name: A3 Value: d=AQABBM2eUmQCEEEKCtYYoHXwgycrtbz7YkcFEgEBAQHwU2RcZAAAAAAA_eMAAA&S=AQAAAh15jsByM_b1QJ2h6crrzqc
.mathtag.com/	1970-01-20 20:58:11	Name: uuid Value: 2b136452-9ecd-4d00-9df2-bc8e2532bebd
.mathtag.com/	1970-01-20 12:15:28	Name: mt_mop Value: 4:1683136205

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ade.googlesyndication.com
adi.admicro.vn
adminplayer.sohatv.vn
adservice.google.com
adservice.google.de
ajax.googleapis.com
amcdn.vn
ap.lijit.com
cm.g.doubleclick.net
connect.facebook.net
deqik.com
dsum-sec.casalemedia.com
fgp.philacct.com
gamek.mediacdn.vn
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
k8ccwwesx.store
lg.nanda.vn
lg1.logging.admicro.vn
media1.admicro.vn
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
static.amcdn.vn
static.contineljs.com
static.philacct.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
vccorp.mediacdn.vn
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
sync-tm.everesttech.net
103.229.205.243
123.30.151.76
123.30.151.81
123.30.151.88
123.30.242.10
142.250.181.226
142.250.186.130
142.250.186.162
185.64.190.78
185.80.39.216
2001:4860:4802:32::36
216.52.2.39
2405:f980::1:10
2405:f980::1:13
2600:9000:211e:e600:1b:5138:8a40:93a1
2606:4700:3034::6815:4df3
2606:4700:3034::ac43:d509
2a00:1450:4001:800::200e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3602:a6ef:9034:ef93:4d3e
3.125.94.102
3.126.13.24
34.91.62.186
35.227.252.103
37.252.171.52
37.252.171.85
51.89.9.253
69.173.144.165
00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0535b2dd5b534b752aa5b1774246f26c5e20f5ff5952dca8a64e9b1af4763bd1
093e65b069d8ce60d6eed1d7d50ddff713536a3ca0d4351da7d27a3ec4b0cbca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb48768d4afbe2ae2b680b90443bf4e458c755622e2550bf3989e93ca3c3c1d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2
1562d52e7ec908dc77567979eefa514e785555a51fa6ecddd56f7edf67e909a9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1a858fb5e6db806cf5cf78b66c32be6eefe34cbba2ffe3bcdf856ab6d3eaf7
1c01134c8fb953c6e6f93a4692d6384c5f372c3eac2d9fd95a991bd37f1d8a46
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1fc5dd801f5c97faa3fe08cfc441f0f461da165ebf6e75a357b33fa6da021a05
218438d9064ed348e8c8dcf0e7e2af9773e570b2b6423126a111cc99fd955011
2202b803df7cd5c60ec348ad46d1abd54206e7e0af84ee13a5e68a2de7e7f18d
23bee9e982dbb98d07b9a900a405fc6d207839360315a6e45ea8093d1199535c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2753bc838fb99f221507e0867972e92a1ed359dda0af974d2a1c07f56dd28003
2815303d3b0b23269b57e4a5ff8494cbfc8ff0cc65e67180f250f1a6dfdabcac
2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430
2ec30c42bfeed0600dee842997ab59e84e0fbe03bd13921e573dde3cb18a7546
2f97afc77928330809390a97f7536e2f9a31b03ad0f6cf77ff95fcbe61ee4986
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32b0a64bd42803f6e8af33df31e7307a7951dbb07f21e2cd3d68b7fd48b2b07b
33c654bc9298696de6a89c1367f976c63c2648472ff6e7f1dc8447a7b096f466
36f72db671128b39b7c0a45e367ef4f85d5a8c59de756b8c3a8cf4d405c250ce
37c2275346a926539fe51e964a5825e79bdcff0b0f53f55c9681dab96e69be49
3de14af47e0c097866ade6f7c491a1ea4324b97f629dfc0afc9f22de35a9fc8b
4487a470b5b991aee82f852d6038c563fdf8e33f931870d00613828cca7aa619
452450fbb6564fa68de2a52c031936cc345f33c7f4ac0637a997fbb903607c91
4616d49eb72c505c0c7c4d4149da5461d221564483d9a269c3f61f0694874365
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4a97d0436cb1463ada3aa57030a208f83ed40348eef3b96554663c1e3bcf806a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cebd28d5cd2175f2fe62d440e48f143eed9662cc73a97a030e14d71752714b8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51492c14a0556272b9fe301830cfcdddb14c1c498557f2d24b2e31e826be7512
519d60dc92bdc5c99ad8db226493d19c5aea03d981b378010fb397cf3f5c3841
534fb3bf760b3ec8d347f30f85b2de955d6a4052161b39e2a615dfcddaba3faa
558d480f52903f44c0656288c548423ae5ad63518779d9d4ba16d103690679ee
5593d6421d13970adb76b5de6b04e1cfb11ccc982792f715e68eb79b08de0bcc
5796dad7ea6e51f9ebcb34f34a0494c63afe5ebb32edf14e25987404e89640c8
5a825d7f32c342c0918c688208cfee5034c4bae82b19d3d895dd1136a6f47d8b
5b3b56c9c2982c038bd0ddbf68f4ac9891835e1907baa3acab03567716a131ae
5e434be5c7492450a0ba45737d3da4c666830c67bb7eef36ba165c07d189dac5
60131c41e4202c29147bab657da90f51429bc4cdb35c16bd807e491358912083
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65278bdabf96ce77a8ac2995147edcbf3608a5e1233e778e0863915a9331edb0
67551df7530ecb331c923d14ca78147919dd31d475dc7c1353aa182f2bd67409
69330f1082873ed22a1191812e88256e1db8eacb18c0bca7e84416b5d47a0bc7
6a2959b48940ae172de360c0635dac0f6f8e57201b148c4828c5e84385a9a04f
6e34e8696d51c15b5f0e261c0633ac2fb615ed51ac4795844e72b2a58fa12dee
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
7310c44f614d2e5bf715e47504daf9ed198eacc46fb29894c51e1b84d3e1fa36
750adbcdb929dc3e8a56318ce17088877980d77119e2bb8b5cdaac33a7098aa0
77314b8e2383ace311d6db887e7318c8cbb3c905c93eac63f16f2bf0e14882dd
7cca0fafdd48c55624c9476a005fc469f112dc3c9e26fa2bc331e48b63867b3d
7d54acc2f3c80e30c691fb6260a4941f8e4e1c7ef295534e71a7dfc778404b08
7d5c876612e40f214f4a5583d90a50af75e95c38f2ba63141e92262a26f7a596
7dc3b671e27501f8496f119a4552243e4a29ce815e7349eb64c58cbd8a8905ca
80dda122ffbd6798f6854c78267fa4d2279a0c54846f1af93bb842c7320f2bfa
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835384d482f89227a54a2c6cbea18c2835aa4f2a724eaa094955a40bc9f15641
839a374643947431ca0114748399e7f3b1c645277e823f03a50bcd6e1c0c0baf
8455c1c2d1cfbcc4d91725ec2d6ff649c6479110951dac890fdf6bb9da74ba5f
84c07924a07fec756e2098f444738954e34123f1404b60414402d0f6e74c030b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852201c3b57de7b594b520c94ac6da686e3520cb54d756d248fa0b9bd337ad89
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
889d851a77181025a20b66ed1d301fc4efbaeacdaae8b8fc520a06c54696a0c1
8c6dc32d121be2319e6605e1f583ef12a9d76a9d0d68ab1a6dd76049e35d87a4
8cf51a28990267e6a6c75b633015f68016344a8104f0f525ba677ec9cf269dd2
8de73b8c9c9d8b3359c9e50a046f1cc12277e3fbbe4f19c8d47434b2fdccebe8
90acc1dcbd45e9a5eb9217b4fa15a601d207d1345ee97717769a5d2f05f7cea0
929db1de11fdd6ac33f066937926f55fb9d23aaf611daf00781612601d7c9ecb
93eb712aed2c12446379c5364ea343d329061fba7f9490e413d7d087348b5e31
94f86e4a909c28a57b9995bccf8689f1597affecd652f0a8fed7e49890d84bfc
96056e3107d5ec8350a5f06d2540d47ee7532d0f07aa5571871b1bc3cf82aa46
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae65e1c6e07f08231c675c6b65cd138e6a5e1e09daad2c65d0180902ea1318f
9b034492bdf4019ff901d0666c46b9d484347af400eea27d4268f50fd0c4d31d
9b69708c866676e9c188a7727e93b0c10d9e4c37945f1a8490ed6a24d692f8bc
9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a263eac2ad4afa7f7c974e9676e0fb60bc735b450b57ce30f08bd37a575d5e5f
a3c0b5fae0616b2eb0d3447922bf7fb9c0508c6adec107accb4767bf9b5c894e
a3fbbc62acbc33a05f52d5c410dfff26fa7ae3907929329f64379421cdb20e34
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56d383cffdd997135de848ffc9e93f1326a09d02a07a3f38f39b0e9895d1395
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ad07124f6ae9a6764aec90d9900afddb2cc5b48ddfd4a890d02eb67b1e8e5077
ad4b54958e22dfa1d3c6b94b99d8390230d9074327687c297e4831315a0b6818
adc8730b8a390f108424de8be9eb0585e5d581c03e7811095aae89ebb3fb38a4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b340a906d4fc4c35e931097f28954c76a1d8f618c2dbd599054cde7fef903ff8
b46b999110afeb35ec22b707e8402f3f6d96a62f1825955441601aa265544633
b9d5f3f6f18ec7d8d11e99e4d5296910252a92317fcc7526d6838dbee524792d
ba8a3a57bf2bc545a10f3cc5003d041f975b2d2217d14462e39ef6c7d10aba2a
c193e8e1f65a1507398d6abfb5304330c60ab9934e7e8b886b26288bdcaac240
c231fb1705859e85fe90c24a6ac19723b655c8e6c0ccd30fdea356e1d68a05aa
c5c438d3d0f71ca6e76f691457bc5570ebc6189bd9adf04a8ff9589523cda27f
c5ff2238b1b43b730e2150b349e38068dd51d8b4f5d31a64116ba81af53af0e3
c691b65e0019946387eaa3d7069e8818754bf1160349f7b997e6b71534f49d2c
c82b1b5855b42a5531c51f09010b584e330fddd17569b552cb78300843f98466
c8e1eebc02599c9896e78d721eb085cf848d4de35b795b0c704928230ac43d95
cf0cf3a4991aa017eea8141c9918da7f32a776fcf779f37cdd9505a3c50539d3
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d069c59a0c6560c826434ce5ae6084e3fbe9b00e4cfa15b8cd0b52fb5729e3a1
d0eccd86bbd329e3138a4a81ee2f6737644b052e9e8090f3c5321ba8a635e5a2
d338459da55c6a88acde4cc52be9bed9e26bc8aadc9ff8cdc2e430f9f17dd14f
d370b9485701d3c481274102dbe868b667cee1ab4c61aee8abc07d3860ef9a3e
d4e538d27534fa3cf2a18a1b057420bd62e86d1b31078fd4c523dbef9e4eeb21
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d87cee1615afcf6042d954ecee3c0cab8b8a86e9a41d6a241d1a567a9827e164
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc96c259aa15c0ecfbc0b14e954c210e5434dd9d1db192c4d222d1e22f2c0f5f
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc8d2946d9ac7e39fd45039d18f29cb88b5feb2608a81816d082894d63090c
e539941cb311e6e78f14367925ffad0a4375ede1609ea99697836b9112ec5f9c
e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f
e728fe40da58cadf21a03d28ed7d43ccc98bc825c608596883052911b570476c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fab4708422172956dd7b3e03593b6158704e6c1a1cc8a5313e461c166afa5e
e9384d83692549a6d3d0799b3fb5f65d4fd49a0400ff27036e1ff0c072b81db9
eadd5798005b45f223f3b16fde87bbe0cdd43e7e42997825c148ae940d62f9ce
ece02d06227c1bfc5e4439ea3fa37bab51694a1a00056f315dc06769a666ac9d
ed5f84e46b2733178901bd0f32b1ef122b594cc42d86c0e91e3f7910394f803e
eed66b5d034df77901c6c3b413a5aa31d7be3a160f121159438e492aa67bd8e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f7dec02e12ef802d0d33ce2182132222205bfcfa16db5d49240c2bf7e0e4b2
f11d127031b80973c04739bd58d1b1324144c222e14689b0a097caef7f584d61
f13dfb1c4185b555c42f610c21bdbfd60cd543d1b6e07850d5a741b5bb01d555
f1b24c0429100178d2de9f28c363995ca6c6e432cad1e46ed7ea9bd3778a45ae
f38e31ecde6f7ee87f73444f49e9a4a5262e4604b94a321750010e5f0b1bb9fc
f418e41e3ceb8b627a8a961ea24a7eaa52cbc7cb8bf0ddc997b75bc2035df64e
f6aa19fb8f4bee0ce6ef084579cea33c7b7c8bd2688a947aedb4bce0b42c21c5
fa696f5f1aa34c6b3b3bd4dd87edcd587ac891fc2c03a68fe9b82f975241ebb2
fa852ae558d81f45f70172edda0888aa0bc9d2a9b8dd0af065c5fdafd2b66404
fb62fff5455c97f66ddb233cfba61136f51bf98e4fbd9ec7c203a62ab1012417
fc850d8e6964c31758d6d1ea7db7de2c4d11db71ccc93f1813649e77727f6014
fd9f1c67d23ef3b8254a0085c3610d787f30b3bab9bfdffdeb6bf808321909c6

k8ccwwesx.store Open in urlscan Pro 2606:4700:3034::6815:4df3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

233 Requests

93 %HTTPS

55 %IPv6

36 Domains

50 Subdomains

32 IPs

9 Countries

4719 kBTransfer

9582 kBSize

52 Cookies

6 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

k8ccwwesx.store Open in urlscan Pro
2606:4700:3034::6815:4df3 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

93 %
HTTPS

55 %
IPv6

36
Domains

50
Subdomains

32
IPs

9
Countries

4719 kB
Transfer

9582 kB
Size

52
Cookies

233 HTTP transactions
2 data transactions