anonyviet.com Open in urlscan Pro
2606:4700:3030::ac43:8c4d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Submission: On March 08 via manual (March 8th 2023, 8:32:10 am UTC) from VN — Scanned from DE

Summary HTTP 231 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 41 domains to perform 231 HTTP transactions. The main IP is 2606:4700:3030::ac43:8c4d, located in United States and belongs to CLOUDFLARENET, US. The main domain is anonyviet.com. The Cisco Umbrella rank of the primary domain is 735532.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2022. Valid for: a year.

This is the only time anonyviet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:303... 2606:4700:3030::ac43:8c4d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	167.172.175.225 167.172.175.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.139.35 52.222.139.35	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:e600:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
3 10	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	18.66.97.36 18.66.97.36	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	18.185.173.185 18.185.173.185	16509 (AMAZON-02) (AMAZON-02)
3 10	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	52.50.248.190 52.50.248.190	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
1	157.230.100.179 157.230.100.179	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	167.71.54.9 167.71.54.9	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	142.250.180.198 142.250.180.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.64.167.250 3.64.167.250	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 2	23.35.209.30 23.35.209.30	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1 2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
231	57

33 2606:4700:3030::ac43:8c4d (United States)

ASN13335 (CLOUDFLARENET, US)

anonyviet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.172.175.225 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-35.ams50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e600:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80a::2004 (Ireland) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-36.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.173.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-173-185.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.248.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-248-190.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

widgets.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.230.100.179 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

bot.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.71.54.9 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

analytics.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.167.250 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-167-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.209.30 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.74.118 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.23 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140	483 KB
47	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 ad.doubleclick.net — Cisco Umbrella Rank: 171 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	381 KB
33	anonyviet.com anonyviet.com — Cisco Umbrella Rank: 735532	1 MB
20	gstatic.com fonts.gstatic.com www.gstatic.com	258 KB
15	3lift.com 3 redirects ib.3lift.com — Cisco Umbrella Rank: 1325 tlx.3lift.com — Cisco Umbrella Rank: 498 eb2.3lift.com — Cisco Umbrella Rank: 338	71 KB
13	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2 marketingplatform.google.com — Cisco Umbrella Rank: 10070	2 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	318 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 36	35 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 590	3 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2450 google-bidout-d.openx.net — Cisco Umbrella Rank: 2399 rtb.openx.net — Cisco Umbrella Rank: 1367	1 KB
4	webpushr.com cdn.webpushr.com — Cisco Umbrella Rank: 27675 bot.webpushr.com — Cisco Umbrella Rank: 49226 analytics.webpushr.com — Cisco Umbrella Rank: 37978	18 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 730	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719	7 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947 www.google.de — Cisco Umbrella Rank: 6149	1 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2425 www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 105	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1218	457 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	869 B
2	zemanta.com widgets.zemanta.com — Cisco Umbrella Rank: 14950 b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 18816	5 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 912 id5-sync.com — Cisco Umbrella Rank: 404	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	88 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13023	5 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	23 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1084	213 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1865	173 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	864 B
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2756	21 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1404	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2734	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	900 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2643	8 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	605 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	68 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788	20 KB
231	41

	Domain	Requested by
33	anonyviet.com	anonyviet.com static.cloudflareinsights.com
31	tpc.googlesyndication.com	31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
20	pagead2.googlesyndication.com	anonyviet.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net anonyviet.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net anonyviet.com
12	fonts.gstatic.com	fonts.googleapis.com
10	eb2.3lift.com	3 redirects 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com ib.3lift.com
10	www.google.com	3 redirects anonyviet.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.gstatic.com	googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	anonyviet.com www.googletagservices.com securepubads.g.doubleclick.net
7	www.googletagservices.com	anonyviet.com 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	c1.adform.net	5 redirects
5	fonts.googleapis.com	anonyviet.com googleads.g.doubleclick.net
4	ib.3lift.com	31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com ib.3lift.com
3	um.simpli.fi	3 redirects
3	ssum-sec.casalemedia.com	3 redirects
2	www.facebook.com	1 redirects connect.facebook.net
2	sync.teads.tv	1 redirects anonyviet.com
2	rtb.openx.net	googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	analytics.webpushr.com	cdn.webpushr.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects anonyviet.com
2	connect.facebook.net	anonyviet.com connect.facebook.net
2	31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	anonyviet.com www.google-analytics.com
2	images.dmca.com	anonyviet.com
2	cdnjs.cloudflare.com	anonyviet.com
1	b1t-eudc1.zemanta.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	anonyviet.com
1	a.tribalfusion.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	r.turn.com	anonyviet.com
1	ad.turn.com	1 redirects
1	marketingplatform.google.com	anonyviet.com
1	ad.doubleclick.net	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bot.webpushr.com	cdn.webpushr.com
1	zem.outbrainimg.com	31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
1	widgets.outbrain.com	31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
1	mug.criteo.com	anonyviet.com
1	widgets.zemanta.com	ib.3lift.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	tlx.3lift.com	31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
1	www.google.de	anonyviet.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.webpushr.com	anonyviet.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	anonyviet.com
1	www.googletagmanager.com	anonyviet.com
1	ajax.googleapis.com	anonyviet.com
1	maxcdn.bootstrapcdn.com	anonyviet.com
231	65

This site contains links to these domains. Also see Links.

Domain
paypal.me
tinproxy.com
www.watched.com
www.dmca.com
shbet8.org
youtube.com
iwinclublink.app
gameiwin.net
iwinapk.com
www.tdtc.info
www.w88top.info
win456vip.club
iwin8888.club
ku11net.com
taiku.info
tinwin.club
f8bet0.co
new8869.com
twitter.com
www.webpushr.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
images.dmca.com R3	`2023-01-13` - `2023-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.webpushr.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-05-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-15`	2 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-02-23` - `2023-06-11`	4 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.zemanta.com R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.outbrainimg.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Frame ID: 7595BA84CB2D6DE28B01EDD870DE3812
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Frame ID: 7F60B2EE1FCDB51F9FD742D395717E4C
Requests: 1 HTTP requests in this frame

Frame: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F70234BC7A6C59A5518CC9D138410030
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&adk=1812271804&adf=3025194257&lmt=1678264312&plat=3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312474&bpp=6&bdt=1471&idt=366&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5256364240302&frm=20&pv=2&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=459
Frame ID: 4D7545DFF738440863306F3C075CE8C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455
Frame ID: 528CD775AF41228A2DB3D6D20ED07C83
Requests: 17 HTTP requests in this frame

Frame: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F1688AE52489F355EEE1370CA9F8BB3
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=anonyviet.com
Frame ID: F6DFB254147156D279DFB7838089E629
Requests: 2 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1661433531/widget-336x280.js
Frame ID: A266D21084227FA430F4A114C4EB573F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2035709028&adf=3546131230&pi=t.aa~a.248467665~rp.4&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280&nras=2&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1qcpQGCMgP&p=https%3A//anonyviet.com&dtd=26
Frame ID: DB98B75A18F8A33D6147B8DBA3CD3D66
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2603416086&adf=3803891251&pi=t.aa~a.280637418~rp.1&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280&nras=3&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oMQSHgWpbo&p=https%3A//anonyviet.com&dtd=42
Frame ID: DCF7996E5456DD5075514376B5A92ADC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=100&adk=1234404052&adf=1442665407&pi=t.aa~a.3548350786~rp.4&daaos=1678233736636&w=360&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=360x100&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=1&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280%2C1170x280&nras=4&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=bCsHgdAj51&p=https%3A//anonyviet.com&dtd=48
Frame ID: E76F9EA03119A81BBB1CE204A1D99404
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8C7FFD2E4B07820C3F4CF1C309A6EDE2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=25705
Frame ID: 5B49EFD398DB042BC79BE1BA262EEA21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: AC76F31F543DA51C5656A0E21AC1AE19
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1F88677B52B561D773707DC07D3C6D26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 395AE8CEA6A9B474A08662F5775BEFF4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 097CABA6D16FC2463DAA6138AAB984D1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: FFF0333ECD53E794213D0F8C68899DC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 6E16AF3F1673907E59995972CE287A23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B1110C6B7591AA49A62A6C7FD96DA09
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE543A7F92B584B8DA40E08FDCC694F3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3CBE4C8484EC964E019CB1B4E80D16A4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71224990745712E06CE9648099B2AFDD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7080FF6577DA90CCCCF944D30539BEA7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: FFA633C2A632B8061AFD72759F68B80B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 8599C6DE823392CF2E3A6ED36648575E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df20102da83028cc%2526domain%253Danonyviet.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fanonyviet.com%25252Ff3312f342190218%2526relation%253Dparent.parent%26container_width%3D1580%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fanonyvietdotcom%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
Frame ID: F4F647FE329D7D9D11F0A29322394CC2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 118AE9D32AEAB5E562DCDFF44AAB8B4F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90B0270CEC4207D8BBEFF86FF65A5BA5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Đang lấy thông tin dữ liệu - AnonyViet

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

231
Requests

92 %
HTTPS

52 %
IPv6

41
Domains

65
Subdomains

57
IPs

10
Countries

2956 kB
Transfer

7786 kB
Size

27
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://paypal.me/anonyvietdotcom
Title: Donate – Mời AnonyViet ly Cafe ☕

Search URL Search Domain Scan URL

URL: https://tinproxy.com/

Search URL Search Domain Scan URL

URL: https://www.watched.com/download
Title: 👉Truy cập trang đích👈

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=01fbf39a-d7d1-4318-bc17-316e0b338240&refurl=https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Search URL Search Domain Scan URL

URL: https://shbet8.org/
Title: https://shbet8.org

Search URL Search Domain Scan URL

URL: https://youtube.com/
Title: Youtube

Search URL Search Domain Scan URL

URL: https://iwinclublink.app/
Title: iwinclublink.app

Search URL Search Domain Scan URL

URL: https://gameiwin.net/
Title: tải game iwin

Search URL Search Domain Scan URL

URL: https://iwinapk.com/
Title: tải iwin apk

Search URL Search Domain Scan URL

URL: https://www.tdtc.info/
Title: tải tdtc

Search URL Search Domain Scan URL

URL: https://www.w88top.info/
Title: w88 top

Search URL Search Domain Scan URL

URL: https://win456vip.club/
Title: tải win456

Search URL Search Domain Scan URL

URL: https://iwin8888.club/
Title: iwin888

Search URL Search Domain Scan URL

URL: https://ku11net.com/
Title: ku11net.com

Search URL Search Domain Scan URL

URL: https://taiku.info/
Title: ku fun

Search URL Search Domain Scan URL

URL: https://tinwin.club/
Title: twin

Search URL Search Domain Scan URL

URL: https://f8bet0.co/
Title: F8BET

Search URL Search Domain Scan URL

URL: https://new8869.com/
Title: https://new8869.com

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://www.webpushr.com/
Title: Webpushr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://oajs.openx.net/esp?url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&rid=esp&cc=1

Request Chain 98

https://gum.criteo.com/sid/json?origin=publishertagids&domain=anonyviet.com&sn=ChromeSyncframe&so=0&topUrl=anonyviet.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ujCDFHxFeTI2YmxkVkk1OEE3Sk92YVlZbElPV3RNc2REZ2tuc0RNaVFsaVVKNDNXdy9STXo4dEUwVDM4V2VhUFA5Q1k3azZ3SCtTTnk0aEhRUnloS3dQNHVHY2gveDc4cFhnZkZ0VG1jb3dncGZSMFh3cWR5ZG9DODZOaCtaRmlTOXVpN1hncVZVWm1FTi9qT0ZpMkY3OHNIQWl3Q1hneXUvUk82TzRQM1l4dy9nRGpiMmFjRU16M1hYUTRPbTJUV0RVdzI2WlRwalV0SFdndUlCM0Rac0ZEWVFRa2d5a1BhaGpGa2t5OTF3MVFLZXQ1MW1xUFFZeC9NRE4vOE84QS9SOXRWampHTitrTUVGNlFEU0V2cCsyVG1xd203aXk5VnpwMVhKL01tQ1FlVjZhUT18&cppv=2

Request Chain 128

https://ad.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGNjAalSmUT9JC9DozU5eAc&google_cver=1&google_push=Aa02lx_dUQ25gLvr1GV-sfhQtP5eZun7X4UXwCTli2Eypa2ZOeM4pky4Jq64cRiL-IL0lkiYFBskOXFsAW8-yLDTCK97AE6jDtVM_mA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2MTQ3MTcxMjg4NDE4NjEyMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELFGy8KEjwfigtaFPrcAIM0&google_cver=1

Request Chain 131

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED7CSyEZgTtvHmp3NFNcHi8&google_cver=1&google_push=Aa02lx_LT91AtF8bDcQ9lhdPhuTJgydKRpB0McIzbCuite40hZSuNc2JHBkTZGfYpCPQT2dheujTVcb61i2HWYpvQtlolmYxBsMs4Y0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_LT91AtF8bDcQ9lhdPhuTJgydKRpB0McIzbCuite40hZSuNc2JHBkTZGfYpCPQT2dheujTVcb61i2HWYpvQtlolmYxBsMs4Y0

Request Chain 133

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFcMoFTKcryUXeXRoXhHk8E&google_cver=1&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFcMoFTKcryUXeXRoXhHk8E&google_cver=1&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA&google_hm=WP2m8tMjS_K74LveDkoACw==

Request Chain 135

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_cver=1&google_push=Aa02lx9EbU1Erm04FvkZAo8ateZhpxRr9UqZOJlQJBRTKdR4_ReqvZnN6XA9SrtGoBn1mof8O8UHfzZQPguvFzp40i0qnLnRl4PtzT0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_push=Aa02lx9EbU1Erm04FvkZAo8ateZhpxRr9UqZOJlQJBRTKdR4_ReqvZnN6XA9SrtGoBn1mof8O8UHfzZQPguvFzp40i0qnLnRl4PtzT0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx9EbU1Erm04FvkZAo8ateZhpxRr9UqZOJlQJBRTKdR4_ReqvZnN6XA9SrtGoBn1mof8O8UHfzZQPguvFzp40i0qnLnRl4PtzT0

Request Chain 136

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJyQoFGcyuX-RHhEw9C1pag&google_cver=1&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iCEy118 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iCEy118&google_gid=CAESEJyQoFGcyuX-RHhEw9C1pag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iCEy118

Request Chain 154

https://a.tribalfusion.com/i.match?p=b6&u=CAESEICmKx9AS4IARugdgsF97BQ&google_cver=1&google_push=Aa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEICmKx9AS4IARugdgsF97BQ&google_cver=1&google_push=Aa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 158

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGPi-2iRpE-rYgkzoR6glQE&google_cver=1&google_push=Aa02lx_nC6ZfmooAnT_8_8J33lRdz0WaQs4GeLaMtZM4Hpck2F-YOoRTB6t9cnD0CEHClJRiTjMnfHVjPp-V2byjLqSZuc8BCpqstN8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGPi-2iRpE-rYgkzoR6glQE&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx_nC6ZfmooAnT_8_8J33lRdz0WaQs4GeLaMtZM4Hpck2F-YOoRTB6t9cnD0CEHClJRiTjMnfHVjPp-V2byjLqSZuc8BCpqstN8

Request Chain 159

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECJVts72y99HqY1MDU9VkcY&google_cver=1&google_push=Aa02lx_0BBEu5yXYl3tWoSCVWVVdJgmpM_Duaqv3skO0tCO9vVnlmkEz54njLqvIIieEsEVLDohqjTT2y3PmY5uytAhpwy4r5Tx8I5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx_0BBEu5yXYl3tWoSCVWVVdJgmpM_Duaqv3skO0tCO9vVnlmkEz54njLqvIIieEsEVLDohqjTT2y3PmY5uytAhpwy4r5Tx8I5Q

Request Chain 160

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENPInH-gHnWhEvirG2W74o4&google_cver=1&google_push=Aa02lx8FA12oGeU_0f7GnMDLmFO0P4iWPA1gDsUp1t7pJ6D6jWf5dc-OhORRkhyaA1Ix650bqZf808QcdhYoAU-xO69eT_YauqI7Bx33 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8FA12oGeU_0f7GnMDLmFO0P4iWPA1gDsUp1t7pJ6D6jWf5dc-OhORRkhyaA1Ix650bqZf808QcdhYoAU-xO69eT_YauqI7Bx33 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 201

https://um.simpli.fi/gp_match?google_gid=CAESEKLutu7DVT5jDx5EhaDU1v8&google_cver=1&google_push=Aa02lx9-2_CfUP4M-wuRaU5_0-LJ5kqfB1lx_7TV9mXvX6zvIlCCwq2vsQuJgcaqmcJhEdlHoxmcA5MmfHCFJIdTogGilcNlVerwLRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3025F302B15B46FEB9D9D45FEF3B4F82&google_push=Aa02lx9-2_CfUP4M-wuRaU5_0-LJ5kqfB1lx_7TV9mXvX6zvIlCCwq2vsQuJgcaqmcJhEdlHoxmcA5MmfHCFJIdTogGilcNlVerwLRk

Request Chain 202

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKrNhYZItCtaZKCnv8DSicy-lo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKrNhYZItCtaZKCnv8DSicy-lo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3MDU1NDM3MTQ5MTM2ODUx&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKrNhYZItCtaZKCnv8DSicy-lo

Request Chain 204

https://um.simpli.fi/gp_match?google_gid=CAESEKLutu7DVT5jDx5EhaDU1v8&google_cver=1&google_push=Aa02lx-SnbHeqI4Kq4XTF7jfamC98tKgnSVcX8f5qtoWBWkhHN5jG0NtfFYxDrlQ86xABtHf_cHD-eoIQ82-HV-cJg5zWR1WpbgV7SY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx-SnbHeqI4Kq4XTF7jfamC98tKgnSVcX8f5qtoWBWkhHN5jG0NtfFYxDrlQ86xABtHf_cHD-eoIQ82-HV-cJg5zWR1WpbgV7SY

Request Chain 205

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDSl4Ufki3JPsff2tFtQkfwg4pg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDSl4Ufki3JPsff2tFtQkfwg4pg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3NTEzMjcwODk5OTU2MzQwMw&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDSl4Ufki3JPsff2tFtQkfwg4pg

Request Chain 207

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 215

https://um.simpli.fi/gp_match?google_gid=CAESEKLutu7DVT5jDx5EhaDU1v8&google_cver=1&google_push=Aa02lx9C66iFS_xUaKdKshfXARP4xsRWAM4L9VNxM7wMA5frmP75sZVXBrwVeo-5NtQ7SxpEG_J5dMRpqpxNhf308PN_MzZIqrvUamA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx9C66iFS_xUaKdKshfXARP4xsRWAM4L9VNxM7wMA5frmP75sZVXBrwVeo-5NtQ7SxpEG_J5dMRpqpxNhf308PN_MzZIqrvUamA

Request Chain 216

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx_R7v8DASMH7Phbeacya2PkgGimwGQuJpXstQAd_oP1Gexj9YxCmanzVylo0Qqtu2JMuGfLRrgicndhqRH0rWc599MVDUWhgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5MTU0NjQ5MTA0OTI4ODY0Ng&google_push=Aa02lx_R7v8DASMH7Phbeacya2PkgGimwGQuJpXstQAd_oP1Gexj9YxCmanzVylo0Qqtu2JMuGfLRrgicndhqRH0rWc599MVDUWhgQ

Request Chain 221

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20102da83028cc%26domain%3Danonyviet.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fanonyviet.com%252Ff3312f342190218%26relation%3Dparent.parent&container_width=1580&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fanonyvietdotcom%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df20102da83028cc%2526domain%253Danonyviet.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fanonyviet.com%25252Ff3312f342190218%2526relation%253Dparent.parent%26container_width%3D1580%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fanonyvietdotcom%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

231 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
anonyviet.com/tieptucdentrangmoi/ 162 KB
38 KB 1572ms
1384ms Document
text/html 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fe40ef9a202db16183076b4fc07b5b5ae7ecd5830814f7db93b0031be4828d

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7a49b95f2b4130c0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 08:31:50 GMT
hostvn-cache: BYPASS
link: <https://anonyviet.com/wp-json/>; rel="https://api.w.org/" <https://anonyviet.com/wp-json/wp/v2/pages/16743>; rel="alternate"; type="application/json" <https://anonyviet.com/?p=16743>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEnAl%2BWH%2BIwimf91R0StPcPC2bCrEgfLU7FsMr4Of8Prw0BZ8o%2F0oahQzz70FaeyI%2FM5GoFNQiMtn2UbKseBir88FKu47W3XwFyunDG8zt9wpKO0zwME84lHwZ2fPqXXp9Il0RgpeCKb5II7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
vary: Accept-Encoding
x-content-type-options: "nosniff" always
x-proxy-cache: BYPASS
x-xss-protection: "1; mode=block" always

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/ 119 KB
20 KB 83ms
36ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 5363338
cdn-cachedat: 11/02/2021 18:14:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 32a59edb542812a95fcff70fcc606a80
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7a49b968382e694f-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 131ms
35ms Script
text/javascript 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 06:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:54:10 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.0/ 11 KB
4 KB 72ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.0/jquery-migrate.min.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e6c17750959ad07d14787e73509692be230928accc68fb6e1cd63e9360c350

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12069374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3595
last-modified: Tue, 05 May 2020 02:01:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0c902-2b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5ezrRj4oVjrLLvmc%2B6DYWa6ngz5M0hozjMFCFGRsK7znfEoSw0%2BFsw5URRGiWxgCuFqnoePnQbxj4QDWi%2FcUgI%2BvQHS9sd9aPiWcOLstoAQ4T3diIyjc6tvp6cGnxgp5qSFHrOcEKcPhb7wEgmByIHp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a49b9683cf99b94-FRA
expires: Mon, 26 Feb 2024 08:31:51 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/ 79 KB
19 KB 73ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.bundle.min.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1055150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19084
last-modified: Tue, 12 May 2020 17:56:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ebae359-13cbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFHyZquOWtTyprzC2kALpYWS4KMrjRQFSl9mWLQbg%2BmOXIlkKxEMMibP%2BRWLvMETC1s7ahkTTbq9unZF0cYxIdYevcQbtTrc6A%2FUng4l9YhpSCIy6CujknoNU25SAXKqZ63s2rDtNSfQjlO7jMB0UPAS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a49b9683cfa9b94-FRA
expires: Mon, 26 Feb 2024 08:31:51 GMT

GET
H2 200 style.min.css
anonyviet.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 492ms
487ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/css/dist/block-library/style.min.css?ver=f59f6a0f1ead8365d33c898d3b7dee43

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 01:42:10 GMT
server: cloudflare
etag: W/"63743ff2-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08qseMdDbxkLOBftNrNKwOo4IRtaKR23WbJ00OKfveg5qm46I%2BGPyRCltabxCHjA4j%2Bj6yP46DWIwSnKwQPVttVLEqq8Mol8Jf7nEz7liPD5qh9JCHs2VNF3HGh61za93TW3KPYYrD6H13sX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967efc530c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 classic-themes.min.css
anonyviet.com/wp-includes/css/ 217 B
482 B 385ms
380ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 05:22:24 GMT
server: cloudflare
etag: W/"6361fe90-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smD6neHIBpZEOcqaM%2BYA1AzSyXeeZzVG%2FxJVp7txdRvCzVAF22w6AXmpV0WGmaPPOtK0Ul%2BTdaJ3NESHpAA7qEXlblBAirN0F%2Ffpfud0nS9kdwjIlo69%2FvIuwMTI%2FnBeRswWXGk%2FRUFNhc1C"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967efc730c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 styles.css
anonyviet.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 823ms
818ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 19 Feb 2023 07:19:06 GMT
server: cloudflare
etag: W/"63f1cd6a-b2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gH9p8XQdUIRQaAFj9uw9bdGNycUORTkMlMdPqQTEDkmfXxtDvuILVJXu6Xvu6%2BoEwt%2F%2FkVIXc9auT7h%2B6HUiNjNjTT1S64y8ZW0li%2BlzNTtuNg8zgE5VNpQiyoMqbGGE3s0GAjLhlliBFBJ0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967efca30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 kk-star-ratings.min.css
anonyviet.com/wp-content/plugins/kk-star-ratings/src/core/public/css/ 2 KB
882 B 869ms
865ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.2

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Dec 2022 01:14:51 GMT
server: cloudflare
etag: W/"639fbb0b-8d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ%2BSE1w7W0vGpRsHGeZdkV8FoaIq1%2BuQNtlMI5fEItdJ4K2DAMnGfv0bSk4cKgjFJXTOM%2BNksJREaCn8kadmUzgFzn%2Fzqe0r8BT%2BBHR6t1I3FlY05TzxHWVMedbWeUnypVqcVHd2ZyV7Oq2U"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffcd30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 font-awesome.min.css
anonyviet.com/wp-content/plugins/rescue-shortcodes/includes/fonts/ 30 KB
7 KB 453ms
449ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/rescue-shortcodes/includes/fonts/font-awesome.min.css?ver=4.7

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Apr 2019 02:26:18 GMT
server: cloudflare
etag: W/"5cb931ca-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HEK%2FdeWb%2BPYHKZGEHelwQm0x8VHG1SQPjLBZPRv%2BLloJzficouTT3RbrWQMi3%2FY0tA0uFTUP%2F0D07JvYYy%2B1B6U%2BSHheRtlJse%2BWF7bIlQuPJnbRTAp0HobdyGLgSAf8a1Das65ZGxe1cXw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffd030c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 rescue_shortcodes_styles.css
anonyviet.com/wp-content/plugins/rescue-shortcodes/includes/css/ 15 KB
3 KB 345ms
342ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/rescue-shortcodes/includes/css/rescue_shortcodes_styles.css?ver=f59f6a0f1ead8365d33c898d3b7dee43

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548bbadf154ec47e52b1050b83e2899a75b4902e178a90bb38e8d621a9e22a06

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Apr 2019 02:26:18 GMT
server: cloudflare
etag: W/"5cb931ca-3d0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkjgPXzu1xHcmwOh1G3nXN8T0qi%2FxPF%2Bm%2F%2B2qRu%2FHpft9FLuDTCnA9ocGg0ty3aoFKBo31gKqPpqEor36ghPXNeh0pw8PDfM9DpZUBXqp98ek0wn%2B91q7%2BPbuXmNiH4FrvNmTKLQ66yHKGw2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffd230c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 js_composer.min.css
anonyviet.com/wp-content/plugins/js_composer/assets/css/ 452 KB
45 KB 599ms
596ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 09:35:49 GMT
server: cloudflare
etag: W/"6374aef5-70ee5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tcqqtlzjct1Eo%2B%2FNa5SpcHt09JOeRFeXlgTbdPwMfGpN5E8wN08r%2B4rvPbN0iUypVRs6uXkXUCufjx95FBX4vFx98OfppI1s7%2FmOfoQkjqbIz7RUx7oHNC7sJukG4f87xr8CI6zl2kB0iNe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffd430c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 149ms
56ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:28:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 08:31:51 GMT

GET
H2 200 enlighterjs.min.css
anonyviet.com/wp-content/plugins/enlighter/cache/ 78 KB
10 KB 980ms
977ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=yqmw0baqAA4fsOi

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db9f73aadc19fc7a482d18f2ad3626268a76237e4d64f07d46214ca3fed20d6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jan 2023 23:36:24 GMT
server: cloudflare
etag: W/"63cb2578-1388a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QMnsvAkR54jS0PRzNkECj3HRQ77YY7R0GSurLQ8Gs1gdt8dno8v%2F9yMFUUs3JHyh4pr3VbIWp8Yia5IOO9lXUftDwbEjmACoGI1PpN6yTh%2BhBOfZvZPcnl8dFQdaDdRQd4pFtjyDiOsLJoq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffd730c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 frontend.min.css
anonyviet.com/wp-content/themes/jnews/assets/dist/ 588 KB
95 KB 1166ms
1163ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feb53de7103cfe17c2e2a4468dfd1c7c54250b52f433f033b16f1dc89e4d5de5

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Feb 2023 09:01:44 GMT
server: cloudflare
etag: W/"63fdc2f8-9309a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aV12SvmQkmI5XQVejzPDJuemzvupqPSLPRmvfOtukcm%2F9O1%2BBztwydyXA3N6%2FcVrz7RH72d0l%2FlW1CC0Fs3w7cEWRBZtyxFMzOC8%2Fy%2Boxud1zAMe5Po0x33wyPXlNiBNxexfkkXBdmSidO8Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffd830c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 js-composer-frontend.css
anonyviet.com/wp-content/themes/jnews/assets/css/ 3 KB
599 B 400ms
397ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=11.0.1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Dec 2022 04:50:16 GMT
server: cloudflare
etag: W/"639fed88-bb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqAnmF%2BnpJ8PJ4FY8tWIprQ2s0X%2BIpZIfkA0xWO%2BIwTiSBATpgmbWu%2FyCBB3wEtm4Q3nFz9eUvfE8MtS6tUODE0ccHQDu5uhQ3sZrwplZ8ojBDn7sX7G1IRNircC6KDYe8Cbi7Uz%2FK8IFu5w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b967ffd930c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 style.css
anonyviet.com/wp-content/themes/jnews/ 427 B
584 B 393ms
390ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/style.css?ver=11.0.1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ac0c300cb6d56d95595853c2ade73359dcc18dacb24782c539213934ff7b1c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Feb 2023 10:29:32 GMT
server: cloudflare
etag: W/"63fc860c-1ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmtrCVazfHg3Up6AIgNcZKcH1HvqnntOIhIy02e15ij62LbuV52qVoV0%2FPXJZJNCnXTmRP5Drhbqan%2Fb%2F86MvZ0PEuiHq39nZ2rdOKdnqptOmCvmtb5%2BdpiFixAzNRNbVG2NQ5sE0lO2L5hA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b968082c30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 darkmode.css
anonyviet.com/wp-content/themes/jnews/assets/css/ 46 KB
8 KB 467ms
465ms Stylesheet
text/css 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=11.0.1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Dec 2022 04:50:16 GMT
server: cloudflare
etag: W/"639fed88-b6ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii0PpJxyYKt3z%2B9JzPvxQm9pJNZYMLbzT3i7198GgayMnP1qR4cL9OqAZgyCSlKm3AcZ%2BmvwUuf%2BYrbgFjoLJD8TZfLqjV0qX4OCKyTfFhKkCj7PYdaW0%2BgN35pL1K3qkyWSrvQV%2FZu5Seva"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b968082f30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 jquery.min.js Show response
anonyviet.com/wp-includes/js/jquery/ 88 KB
32 KB 961ms
959ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 05:22:24 GMT
server: cloudflare
etag: W/"6361fe90-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dab4cUp0EJR%2FEMsaNKDOu%2BftwkSzgMgq6dxbWescg8uuGD8UI6QEiuxDvS4cyerpcmdk6qNeARHpAn7hNJUUEC1lBLpfRzpTRxA%2BWT4CXaUSz1%2B4cfyB5obV0xlPRRYKJuE0G0YM0mXG%2BRGQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b968083630c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 jquery-migrate.min.js Show response
anonyviet.com/wp-includes/js/jquery/ 11 KB
5 KB 395ms
393ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Dec 2020 02:32:40 GMT
server: cloudflare
etag: W/"5fd03748-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1Wg7NdNB%2FQ%2FWicNE6rponTkYRRrA2HtivPCt%2BewbiPAh%2Bb5Mz4kAF1rsEIckaEX7%2BhqIgpwtM05RU0KZ%2B%2BT4nGebx%2B4USCHaqjkDwDgu0n6AxBzTcS80sByxWBpZy9WU3BQC1yXs1jXolq4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b968083830c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 192ms
84ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2642640466336649

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5d2ea2d47c3b3f850beb6f9461fb4827e512f91ba5efb19715f350979a39cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48646
x-xss-protection: 0
server: cafe
etag: 12293136332086510875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
68 KB 84ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BC4SCE7WS

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af209aa7494525be2b331227ec57fbe731749a484662424fb28072badbf4b61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68972
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 08:31:51 GMT

GET
H2 404 chuyen-huong.css
anonyviet.com/wp-content/themes/jnews/css/ 0
0 924ms
922ms Stylesheet
text/html 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/css/chuyen-huong.css

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8hJUS676F5I7UeGdQGIsNUxfXh5cJaRxzeItnS5o5%2FLkX7Reb2h19TW4k7ClctTNheKrtwWoQNpMeaxr9KeK%2F3s0zA5b0fvQnj4VCnx9az0bhOzORnkWdT6MYWGTbd136ZZz7d2%2BuL2pxRu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7a49b968083130c0-FRA
x-xss-protection: "1; mode=block" always

GET
H2 200 logo272x90.png
anonyviet.com/wp-content/uploads/2018/09/ 6 KB
7 KB 392ms
390ms Image
image/png 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anonyviet.com/wp-content/uploads/2018/09/logo272x90.png

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bacbbc585275032e9c612473e00d2072bb1815f8b45717dfcfc6487e6d1b5482

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 6496
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 Oct 2018 09:58:06 GMT
server: cloudflare
etag: "5bc1c1ae-1960"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZtxjDN7Z%2Bke1LKUMvznBrqHfGL4voBijuWWQNK15Zyr%2BWMYrfYg6lVnPnn7DLEKKK%2FL0Hsro1pEyAFZWSbIW1POI9JydpMfz9nv%2Br2fQg7FHEB5StKUedGMXgDaZFjeEMiYv53gp1mGsvFS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a49b9691aed30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 jeg-empty.png
anonyviet.com/wp-content/themes/jnews/assets/img/ 70 B
637 B 802ms
799ms Image
image/png 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/img/jeg-empty.png

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 70
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Jul 2021 06:54:10 GMT
server: cloudflare
etag: "60efdb92-46"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4xfjFRs3kjcs3sWDT7KRZqgDpJbUq%2BU5nf2slmUugPOTzJRpRkZHp%2BYaEiHzZxL97WbkadZzEjdS5aCM8SSw56JvneaeNNDLN0tX2dsVxkMgHrnSrPoPjWHQLKW1Tx5UZzfeCEx20wcj03E"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a49b9691aef30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 logo-anv.png
anonyviet.com/wp-content/uploads/2018/10/ 16 KB
16 KB 383ms
380ms Image
image/png 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anonyviet.com/wp-content/uploads/2018/10/logo-anv.png

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c926f1275b729eedf81bb869082a2715898ae82a25fd4da8e8ba2104d7e63f

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 16344
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 Oct 2018 18:25:08 GMT
server: cloudflare
etag: "5bc23884-3fd8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAe5dplAiP5%2B4lE4H%2Bqez05XTGf0WZHaENBU2OuzMvbp7mTQ14GLznGqqvhaP4m2aZXDdKL4s4WVJpr24KffHki%2B8eTq8TmzrXkMv6sfJDgOvSJ5XXpeQlHUFbPeNfLtUxqB6essbWNfPDwy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a49b9691af130c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 co-viet-nam.png
anonyviet.com/wp-content/uploads/2021/10/ 824 B
1 KB 1249ms
1247ms Image
image/png 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anonyviet.com/wp-content/uploads/2021/10/co-viet-nam.png

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f768f0645b03e75c61604c9d8cd684b9ad27a59fea01c8e6d5183c003925b8

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 824
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 01:32:14 GMT
server: cloudflare
etag: "6167889e-338"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHsRwurVuLCH%2FP%2FF%2F7s2stxgsql3%2F5fSVAwASx7CAwg9MS7n2g%2FAQSFS8oj9lw1HclDjmvTBpUYWfr6rBujCS7MbupWizAu64nAuWsipFfY4vcyEISmCSKEUZwlw2MEVfprLEs%2BATS0v%2Bitb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a49b9691af230c0-FRA
expires: Thu, 07 Mar 2024 08:31:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 96ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8b6332c7602c339807b3e262c29b0acb00fc308ef2f6d9636ba5ab41a380540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27156
x-xss-protection: 0
server: sffe
etag: "1504 / 59 of 1000 / last-modified: 1678230427"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 08:31:51 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 85ms
26ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=01fbf39a-d7d1-4318-bc17-316e0b338240
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1678264311.cds328.fr8.hn,1678264311.cds241.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
672 B 86ms
24ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1678264311.cds328.fr8.hn,1678264311.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 index.js Show response
anonyviet.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 913ms
909ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 19 Feb 2023 07:19:06 GMT
server: cloudflare
etag: W/"63f1cd6a-2945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9VjFil51ZgnkQGBn%2BYxRsn9OJZCihNatGBy3axIJRmmOASFUB5GL06So3b%2BqIJeSvEkexJje%2F%2F%2FNySnJzXubYmIV5xSez4GmjuCpkIcFx6UYK1lyGp4P6Tq3qNumNrut8TMQS0THkTpKNTU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691adf30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 index.js Show response
anonyviet.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 907ms
903ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 19 Feb 2023 07:19:06 GMT
server: cloudflare
etag: W/"63f1cd6a-3294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYnoBtokzJaqshvVDc9wjAKGARfSHXd2jeqKjqDq6Ss9ZpIommtFrLsfqQTAhD8YacwvUv707HRJ7Hl471EeQ9P2ORfYcaz17%2FqSQp896XkqTKnIdbAbvVihC5cvi%2F%2F8J8YDjaIe8n2i1tiI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691ae030c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 kk-star-ratings.min.js Show response
anonyviet.com/wp-content/plugins/kk-star-ratings/src/core/public/js/ 1 KB
1010 B 362ms
358ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.2

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Dec 2022 01:14:51 GMT
server: cloudflare
etag: W/"639fbb0b-54f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WFqFhYHKfSOkp7DkjrVdBCR6bg2yXKL3T3VzxhZOYXmg2z%2FLRl565btQzqqdquPWcJDxYUp5cLACH514qRwHG15KjiS698Q4A980qBv2yAQi%2BcdEMFoSd%2FyW8f%2Ba8DZdH8sVHTkgIA3PZcj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691ae230c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 comment-reply.min.js Show response
anonyviet.com/wp-includes/js/ 3 KB
2 KB 857ms
853ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/js/comment-reply.min.js?ver=f59f6a0f1ead8365d33c898d3b7dee43

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 May 2022 01:02:10 GMT
server: cloudflare
etag: W/"628d8012-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbEI%2FZItYPoqWrKBdlpMlsksQPTAKUUET9zYKLQ92sO4zUHJ%2FJo5HG65Zq%2BQF%2Fpqj8HqDMH6BaBsxzgdFTm544FgeAINEUicwqQx%2BVfW82XtfpfCP5qnAfScZyQ6trg6hitbD9sznl8yHxHw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691ae530c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 hoverIntent.min.js Show response
anonyviet.com/wp-includes/js/ 1 KB
1 KB 960ms
957ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 May 2022 01:02:10 GMT
server: cloudflare
etag: W/"628d8012-5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSE48LVQmxC9EL9rg99y3PENOjZWuMpsevbCzMCxoC8zXxCG56owKrJQM8h868oDUU9C6U6IHAooGU8NfZhNjH7E6lEoxodoeSzWv1fE6R%2FsT41sUiMCbb86pzMPaTIdQDzjP%2FCXK9ZzfLxz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691ae630c0-FRA
expires: Thu, 07 Mar 2024 08:31:52 GMT

GET
H2 200 imagesloaded.min.js Show response
anonyviet.com/wp-includes/js/ 5 KB
2 KB 347ms
344ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Aug 2020 02:55:31 GMT
server: cloudflare
etag: W/"5f335a23-15fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pfaJmvERAQmo1PonbceMP1XcG%2FH7LO4OfLo5p0HLFHdtBHUe3xwliI09S%2Fb7OfSBKN0a1ofIUKEV8GY6%2F6gVQdGaTpB6OgJAO2VOdOWfBNKw4TxtDBtafBWbAm%2BxAMI2Ug3CxkiY%2Bj6LhBC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691ae830c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 frontend.min.js Show response
anonyviet.com/wp-content/themes/jnews/assets/dist/ 298 KB
87 KB 555ms
552ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=11.0.1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b2d240737cceb970b7b3ef8b86aef31f321c9d51f0af1fa1f4c68544e5d498

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:51 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Feb 2023 09:01:40 GMT
server: cloudflare
etag: W/"63fdc2f4-4a9ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlEDYchxC9hk4wW7z%2FJ%2FadI%2FP4XeTdeeaiXjGCB7Nt9SB%2BF3Dqc%2BL1RDOy2HtzMudss4zJm4c1cB4%2BVM76LRkuVePWod7dqhiyDxtPhRB9L8qsBmwtOVDGZJr38nV44R2AHgDsdcU1LqGt6k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691aea30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 enlighterjs.min.js Show response
anonyviet.com/wp-content/plugins/enlighter/cache/ 62 KB
18 KB 951ms
948ms Script
application/javascript 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=yqmw0baqAA4fsOi

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jan 2023 23:36:24 GMT
server: cloudflare
etag: W/"63cb2578-f756"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jU4cqgHLg6YoyIB50Dm1295CUVW%2BTifxfhWNBuPU%2BlnnF%2Fbblq7TS3ZylFL%2BRVA%2BDahfk6KJd12WI3bOLGN%2FjXUFoeV4Ci%2FWDv5JiRADoN0M3w3cWY2DCeIogUzCYtC9ydL1dN%2BeM4KhXhZH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7a49b9691aeb30c0-FRA
expires: Thu, 07 Mar 2024 08:31:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 203ms
113ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

664e73c5179ee5b5bd9bc25d38f940db171a99015670d017a8049898c4086382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27156
x-xss-protection: 0
server: sffe
etag: "1504 / 148 of 1000 / last-modified: 1678230526"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 08:31:51 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 100ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:51 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a49b9695d6e8fd1-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 125ms
34ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 501476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:13:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 168ms
79ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:43:54 GMT
x-content-type-options: nosniff
age: 503278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:43:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 162ms
91ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2642640466336649&plah=anonyviet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2642640466336649

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ff621ac7fa5d46c69366b0e695c90c06ac8c01cc280a99dd64515aa33e433b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121462
x-xss-protection: 0
server: cafe
etag: 15585597627735240235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/ Frame 7F60 10 KB
5 KB 72ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2642640466336649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:37:02 GMT
etag: 2378337311435320485
expires: Tue, 21 Mar 2023 18:37:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fontawesome-webfont.woff2
anonyviet.com/wp-content/themes/jnews/assets/dist/font/ 75 KB
76 KB 389ms
389ms Font
font/woff2 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.1
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:52 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 77160
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Feb 2023 09:01:44 GMT
server: cloudflare
etag: "63fdc2f8-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN6SUo48NXbuhepK%2B%2Bw9wvxkUrKdmb3J3BWfrrdGWlt%2FhJN3TKj1ciN%2BVZhXSr02BcrXk7zycXh3%2BNFWcg7T9N4IsHdKYMqC6a19dYyQ3R0z28tW0G6c%2F3gA86ajAcMr2sT%2BZZChYoFN%2FYQH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a49b9712fe430c0-FRA
expires: Thu, 07 Mar 2024 08:31:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 130ms
86ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 504527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:23:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 111ms
69ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:31:32 GMT
x-content-type-options: nosniff
age: 478820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 19:31:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 76ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BC4SCE7WS&gtm=45je3360&_p=750522802&cid=2112452769.1678264313&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678264312&sct=1&seg=0&dl=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&dt=%C4%90ang%20l%E1%BA%A5y%20th%C3%B4ng%20tin%20d%E1%BB%AF%20li%E1%BB%87u%20-%20AnonyViet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BC4SCE7WS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 59ms
42ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 574462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:57:30 GMT

GET
H2 200 pubads_impl_2023030201.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Mar 2023 18:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133088
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:36:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Mar 2024 18:45:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 685 B
344 B 139ms
67ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=anonyviet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1919eaa9a8c784fd55dd273fe1d5f1be8e5286b2f23ed5773bffea4fab74b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 319
x-xss-protection: 0
expires: Wed, 08 Mar 2023 08:31:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 34ms
33ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:45:33 GMT
x-content-type-options: nosniff
age: 24379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:45:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 34ms
33ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:57:49 GMT
x-content-type-options: nosniff
age: 23643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:57:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 08:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1022
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Mar 2023 10:14:50 GMT

GET
H2 200 jegicon.woff
anonyviet.com/wp-content/themes/jnews/assets/dist/font/ 7 KB
7 KB 367ms
367ms Font
font/woff 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.1
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:53 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 7144
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Feb 2023 09:01:44 GMT
server: cloudflare
etag: "63fdc2f8-1be8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSMAh8DQCBLCgPjhuWhCk9DZJu9HKG44u99TYTBGSs%2FPa1sWfeJuSy%2FUleNCMSvTs9fPyNFEP7e48NvNXm8wCn6m2ertexkBLGgbaWlumx5hmjTVlr%2F8xz2yaNXVqvecisoXOOS9264H7Chn"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a49b972693130c0-FRA
expires: Thu, 07 Mar 2024 08:31:52 GMT

GET
H2 200 app.min.js Show response
cdn.webpushr.com/ 41 KB
12 KB 182ms
48ms Script
application/javascript 167.172.175.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webpushr.com/app.min.js
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.175.225 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8a5d0e9eb548299980ec962ed34068013e54c3ccc4b4b29190ec8068c0fc9601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 19:18:29 GMT
server: nginx/1.16.1
etag: W/"63fd0205-a29f"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
x-gg-cache-status: HIT, HIT
cache-control: max-age=86400
expires: Thu, 09 Mar 2023 08:31:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 90ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=anonyviet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 161ms
57ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=anonyviet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 320ms
320ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165028374417609&correlator=632581372187295&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=21622890900%3A22527870362%2CVN_anonyviet.com_pc_article_below_728x90%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90%7C300x250%7C336x280&ifi=3&adks=1555566212&didk=823184411&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678264312777&lmt=1678264312&dlt=1678264311003&idt=1653&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf6e4bba0b899b524b548bf23c41019c1aa61cf3fed996bebc1049eaf5cec405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12735
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
577 B 83ms
83ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165028374417609&correlator=632581372187295&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=21622890900%2CVN_anonyviet.com_pc_article_below_728x90%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90%7C300x250%7C336x280&ifi=4&adks=2199755079&didk=1257029545&sfv=1-0-40&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1678264312788&lmt=1678264312&dlt=1678264311003&idt=1653&adxs=436&adys=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&frm=20&vis=1&psz=1580x0&msz=1580x0&fws=0&ohw=0&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeee178c2c744742504a107a69ac6850f3bdd38b6e91785d45ffaa88b5260e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 547
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
850 B 521ms
521ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165028374417609&correlator=632581372187295&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=21622890900%3A22527870362%2CVN_anonyviet.com_mb_allsite_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=1380747159&didk=3168696000&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1678264312793&lmt=1678264312&dlt=1678264311003&idt=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea3f3023104b5f4fff7c92e90cdcc12c9369f6a9984d34b36b67e82b93852ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 820
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F702 6 KB
3 KB 151ms
28ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:52 GMT
expires: Thu, 07 Mar 2024 08:31:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023030201.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61f65ffb477798fa5c43f612569ca418f3768d11bcf083c48684d50c0e3983d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13779
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:36:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 11:56:56 GMT

GET
H2 200 tinproxy.com_.gif
anonyviet.com/wp-content/uploads/2022/11/ 584 KB
585 KB 399ms
399ms Image
image/gif 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anonyviet.com/wp-content/uploads/2022/11/tinproxy.com_.gif

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9d993214b34e5c5f6c6f5d273bf1d600d21f37cd8fa3d2c4cc19ef0af96044

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-proxy-cache: BYPASS
date: Wed, 08 Mar 2023 08:31:53 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 598369
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 19 Nov 2022 16:00:33 GMT
server: cloudflare
etag: "6378fda1-92161"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B3xZnfn8Mwz4HaMUbdN2KKWGrYOlMzMwVF%2FU90Q%2FKMEKikhmCG1EcnkJB%2B61nOPucKGCfbVrYXq0rG4DSYYRg70SI3qdH1JX7I1KyzTfc83AQrDVGmsfjaA0jaEfO%2FCpgpJIYeIs%2Bdfayra"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a49b9732a0f30c0-FRA
expires: Thu, 07 Mar 2024 08:31:53 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 89ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=anonyviet.com&callback=_gfp_s_&client=ca-pub-2642640466336649

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2642640466336649&plah=anonyviet.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc57fa080ddff449bf9688de3151827a8b98d67669b23798e31520befe4e7332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D75 195 KB
48 KB 522ms
520ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&adk=1812271804&adf=3025194257&lmt=1678264312&plat=3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312474&bpp=6&bdt=1471&idt=366&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5256364240302&frm=20&pv=2&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=459

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c3a243888bcab4081eed3ced9d82ac05f778de88d1b8a7b698011f55772f47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48813
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:53 GMT
expires: Wed, 08 Mar 2023 08:31:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 528C 110 KB
38 KB 1020ms
1018ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037b86726d75746e484fc71deba07e385af13ebc9fc0d87806e6b68271e2c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:53 GMT
expires: Wed, 08 Mar 2023 08:31:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/vi/ 3 KB
2 KB 63ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi/sdk.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=11.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cae70f7f613213bdc11271cda588e057abc99c8d7b45c33699631707a771ee71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 08:31:53 GMT
content-md5: HOssjqt3PMPuRK30ELfz7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Bot45X7Dnr5BfUgBSosGWON/nvdGh0BYgS2iJ577QglXkEmBHHdIUSVjqzIMLBuEnR7qxXa3618KddGFZBmL8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 14b8ea364dbf4c56c58f3bd724148e37
cross-origin-opener-policy: same-origin-allow-popups
etag: "6a592f776004dc8a9873a988086701d9"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 08:35:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 27ms
26ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=750522802&t=pageview&_s=1&dl=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&ul=en-us&de=UTF-8&dt=%C4%90ang%20l%E1%BA%A5y%20th%C3%B4ng%20tin%20d%E1%BB%AF%20li%E1%BB%87u%20-%20AnonyViet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=253126669&gjid=1569505164&cid=2112452769.1678264313&tid=UA-85369778-1&_gid=480850209.1678264313&_r=1&_slc=1&z=1919686646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 84ms
27ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-85369778-1&cid=2112452769.1678264313&jid=253126669&gjid=1569505164&_gid=480850209.1678264313&_u=IADAAEAAAAAAACAAI~&z=1834029439

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 08:31:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 43ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ea1b34bef4c7b55a93892f6e5ee49325

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d978f321eccbc1abc8ecb97e525855c6950f8feda06ec0ad6d7d7b0e03933d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Origin: https://anonyviet.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 08:31:53 GMT
content-md5: JpltSQSoXbPKFlAke6YW9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87099
x-fb-rlafr: 0
x-fb-debug: BaLAN3yFgVUChZ9MaeJJUCO5D2RE3A7/wHPeB3H61+3e4Ne+p/O2QcFwlTxHNAv4XzWIiB3sHQQ1I1ZtLZjZFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 10a43cee54349fcf7d1c25e87e25f91a
cross-origin-opener-policy: same-origin-allow-popups
etag: "b55ec4527cd1f628a393add0adafbb5e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Mar 2024 08:15:36 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 79ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 14:52:45 GMT
content-encoding: gzip
age: 1877948
x-guploader-uploadid: ADPycdsRdNetRtDsJgQiW3jYUzNf--RNUpFn-nwKEqicmnAPK9Kxkrw33U8-Nf4bE3OVkYOkM3hRKPoN1ickSNTXQUfbEEpP_Dou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 14 Feb 2024 14:52:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 157ms
49ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:31:53 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
900 B 63ms
20ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 Mar 2023 08:31:53 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 666
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230042-FRA, cache-hhn-etou8220049-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 91ms
37ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: 72SJ98BPH5NRBYNS
age: 2572
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7a49b97568b63674-FRA
x-amz-id-2: sAdRQ23IcjMGFRCw1s7cZgLVr5ssar/2oaucXbzSysShilKIgGbMkRfz2MS2nLoou7fM1VcEZhk=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 97ms
28ms Script
text/javascript 52.222.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-35.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:28:29 GMT
content-encoding: gzip
via: 1.1 c8398cf797b03d1d2d2deda33fe571f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3805
x-amz-server-side-encryption: AES256
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: _OyASVu_rPet1u3ChvRnu15fYTr0f5V6Da-ajCK71PO3jvN-_wmrmQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 78ms
21ms Script
text/javascript 2600:9000:2250:e600:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e600:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 04:08:44 GMT
Via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 15790
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: 6ZHHOp2tnyiDiSXUVixZNjmVPhrtpKNAzESjGzOGJTL3aph89QKRNw==

GET
H2 200 container.html Show response
31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F16 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:52 GMT
expires: Thu, 07 Mar 2024 08:31:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 161ms
71ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85369778-1&cid=2112452769.1678264313&jid=253126669&_u=IADAAEAAAAAAACAAI~&z=586441764

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85369778-1&cid=2112452769.1678264313&jid=253126669&_u=IADAAEAAAAAAACAAI~&z=586441764

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F16 0
0 76ms
74ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C33Gd-EcIZNmmNJHn3gOwkIyoA-6StZNcv6KFx-QFwI23ARABIABglfrwgYwHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBMcCT9C09LjyMky-qReLGeYu0bPwfWKw0S21IQs3jnyf0Z4Sl8cLHz3OogkgTywaSGVLvl34e7b1hrj8Cy5JNGIQs8Mw_B8ttnkXm9Jn8GdtGVHXI4CC1lrc8H2CrICB_FS1hvpJSZtO1T8Q2oAOx4oktC9HM_uiRJhXavTCv7fkrUlceEyQMGhxn3c4GIt-hv_CSL7_FEi4T4Xvmef_Jk20uOPF4dpjXh1Iz2NGAxDXaIHs-6xBRaEhRoCMAidayliCh6Np5HoQWoZWxcaVH8r95tPnDcd4yfa4Rv_3S67K7VzeaSaE4GvatiBfo4nIkwKtr9gZ-X7MByWCklq-OxwxkYeeZpGtJJU4I3fLsokSIfxYrULl2H2RcDfdv3sYJcRyV4zVzVy947GWoeoxIoE683Ff-7AZMTjFP9fHeecqmq2TC8Gb662f4AQBgAaBq7KvxOGOzRGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0xODcwNzYzNzk0MzY4ODMzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=aZIG4iXsTSY&uach_m=[UACH]&cid=CAQSTADUE5ymMOCAz650zHjI-seq0juMpjwe9A86rKb9gwKG6DB6vR1DFqGPIltTfK3zLFdyYfsrPPppKZrxpTxbedebr6yMw25fHKZX_M0YAQ
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 7F16 13 KB
5 KB 105ms
24ms Script
application/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_desktop_300x250&tid=210
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-36.fra56.r.cloudfront.net
Software: /
Resource Hash: f7d8448242cefe7f9f68008d73cd8a07bcc79d419d7127f21caf1f5a2f99496a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:25:35 GMT
content-encoding: gzip
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 378
etag: "6dc0a6844a994fd3db24988a582130b9cfd2d929"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-length: 4515
x-amz-cf-id: BEIP0B447AnkiXqkD9rJNlWJLakLj1MF0u85KzGjgwZDl5YzKVPCsg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 7F16 3 KB
1 KB 94ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 07:29:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 7F16 20 KB
9 KB 90ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:39:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7F16 24 KB
7 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 00:05:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F16 158 KB
49 KB 85ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:53 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 7F16 37 B
184 B 112ms
37ms Image
image/gif 18.185.173.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZAhH-AANE1kKd7ORAAMIMKgsCCIIdE-oS-bcOg&ts=1678264312&aid=42972975451547897721560&ec=2460_90892_65815469&n=Gs4EaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5L2FkYTI3OWE0LWJkOGItMTFlZC04YzBlLTk5NmUzYWJiMDczNy8wLjAxMy9KSVI3WUJBWTVQUzRPS1BKVk5XQVBDNU5XR09XS0Q1SVlGQzU2S002TVhLRjNTTjVYRzJNTVFJTkFYT09GUllJNUhWMlBFU0hLM041SEhTRjZNWEpTN0RMSlpNQUhWTFNLVE9LTUVRNUpCUFU2SUJRUVBVR1hDQ1NDSU9QWEkzUlFGTEpBMjZKV09CWTNEUFQ3RUtaWUtKMzNSVzVGR09EUkFFWUJDVlZWNEdDU05UNzVKMk4yVldFRTMyNzZVSDJOVUpKU0pXTklGNUcyQVJYTkM3Rk9ZNFhFRFhPWlFTMksyTzVDWk1INjY1RU1TSjVTWldSWTNGRzdYUzZMUVpUUkZIU0lSNUZaNTZRNkkyRkZIUklNT1FUSURZQUI3NDRYUVpKTEFNWjJNSFZYQkQzVjc1Uzc2V0U2TkxMUkdRWkRYWUJTN1NWQ1BKMjI0VkJJSENHNVdRN0FQRFdMVkNHSE9VTE41TlZORFVDRkJWSFNSRFQyUUlHWEFDNkU3SElPVUQ1U0hUQUJEVzJGWVFMVlVJMzVVNFlCU1ZVM1FJSzNaQVYyUjVWQlBFMkxGSE9VRzdOQkE0RFlLU1pJSVI0RlpVUFMzVVJSQkFLQjJUTDY3VExISE9KUFNFRFRQM1pNSEdLRUVJLz%2FyAr4BCAASFzQyOTcyOTc1NDUxNTQ3ODk3NzIxNTYwGAAgASicEzCMxgVAAUgAUABgCmgAcKSzIpABAJgBAKgBALgBCsABCsgBDfAB0gH4AQ2AAgqRAgAAAAAAAPA%2FmQLhehSuR%2BHKP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAPQAogDmAKQAwCYAwCgAwC4A5UByAMA0gMINjU4MTU0NjngA8HY0ATpAwAAAAAAAAAA8AMN%2BQMAAAAAAAAAAPgCBYgDAJIDBGRiYTiYAwCgA%2FfeFqgDAA%3D%3D
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.173.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-173-185.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 7F16 37 B
140 B 79ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=42972975451547897721560
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&rid=esp&cc=1

85 B
203 B

132ms
131ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&rid=esp&cc=1
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 05c4c5e3b032ecb2b1c572f3bceb7295500482280315dd77c33df7a27e78d460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-BQON1nxxSZEYeX6IddOuFbeTTFs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://anonyviet.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 08 Mar 2023 08:31:53 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://anonyviet.com
location: /esp?url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 84ms
23ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://anonyviet.com
date: Wed, 08 Mar 2023 08:31:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 149ms
46ms XHR
application/json 52.50.248.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.248.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-248-190.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e162d0bd095b76aa5b05015ff5f9b919cb988d44395d20fb80ae21dd61e9bf4b

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://anonyviet.com
cache-control: no-cache
x-server: 10.45.9.225
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/5d571584365a04625cc242f24ed251df7ff38c7a/dist/ Frame 7F16 177 KB
57 KB 25ms
25ms Script
text/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/5d571584365a04625cc242f24ed251df7ff38c7a/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_desktop_300x250&tid=210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-36.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bbe94a691a7444bc65779ac2f9cecbdac43a35fafc7db164187412c818b2c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:44:43 GMT
content-encoding: gzip
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 20:44:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1165631
etag: "a7250ac00966ef8ecf277f302d2fdaa2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 57541
x-amz-cf-id: y1lIgcvIIRx0pJQpDCBCoUXo31r9AR4p0FYp1N4lww-lkeJ84cCXZQ==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F6DF 15 KB
6 KB 89ms
31ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=anonyviet.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 902714
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 r
eb2.3lift.com/ Frame 7F16 37 B
139 B 25ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_desktop_300x250&aid=42972975451547897721560&rev=5d57158&pr=can%27t%2520access%2520top%2520document&bc=0.013&bmid=2460&biid=6335&sid=90892&brid=563620&adid=65815469&crid=9710657&ts=1678264312&bcud=13&ss=5&caid=0&unid=0&domain=31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com&ref=https%253A%252F%252Fanonyviet.com%252Ftieptucdentrangmoi%252F%253Furl%253Dhttps%25253A%25252F%25252Fwww.watched.com%25252Fdownload&rr=creative&fid=10&rb=0&g=0&tmplid=210&cb=37878
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 7F16 3 KB
3 KB 22ms
22ms Image
image/png 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-36.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 01:57:17 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 110205
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: RI8SCumlPm90nr7mv9UfA_z7_oMRLKpzecPbe-iqJcBX4QsC0WfcwQ==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 7F16 3 KB
4 KB 24ms
23ms Image
image/png 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-36.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 05:37:13 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 184203
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: 6FXWjbU2qEK7yQle1iiD0FpxgY5Um6P7DAe9w7eGU01FbIu2v5S-Iw==

GET
H2 200 ctar
eb2.3lift.com/ Frame 7F16 37 B
139 B 24ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_desktop_300x250&aid=42972975451547897721560&rev=5d57158&cta_render_method=1&cta_render_text=&cb=87074
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-336x280.js Show response
widgets.zemanta.com/1661433531/ Frame A266 12 KB
5 KB 95ms
20ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1661433531/widget-336x280.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/5d571584365a04625cc242f24ed251df7ff38c7a/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d278a77dc164d9eb3deb489db56077f6c912e96d7d8a70e3f6e689c8e23adb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: w6DrIHte1rC6nzlC25n6rLmSdg5qlk7Z
content-encoding: gzip
via: 1.1 varnish
date: Wed, 08 Mar 2023 08:31:53 GMT
x-amz-request-id: 97CNBJXHQ97PHQG1
age: 837
x-cache: HIT
content-length: 4562
x-amz-id-2: 4jA/MOm1B9fmn2TORLHW+tl9SwbH6386ovpOYWn/0+lg1sHtOGMYN2coW2hi700SFX//qy2WpcQT/eCiRlNt3g==
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Thu, 25 Aug 2022 13:20:33 GMT
server: AmazonS3
x-timer: S1678264313.453503,VS0,VE0
etag: "4d39256783df9da9bf906e827d31b23b"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 30

GET
H2 200 aop
eb2.3lift.com/ Frame 7F16 37 B
139 B 24ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_desktop_300x250&aid=42972975451547897721560&rev=5d57158&pr=can%27t%2520access%2520top%2520document&bc=0.013&bmid=2460&biid=6335&sid=90892&brid=563620&adid=65815469&crid=9710657&ts=1678264312&bcud=13&ss=5&caid=0&unid=0&domain=31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com&ref=https%253A%252F%252Fanonyviet.com%252Ftieptucdentrangmoi%252F%253Furl%253Dhttps%25253A%25252F%25252Fwww.watched.com%25252Fdownload&rr=creative&fid=10&rb=0&g=0&tmplid=210&cb=64511
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

sid Show response
mug.criteo.com/ Frame F6DF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=anonyviet.com&sn=ChromeSyncframe&so=0&topUrl=anonyviet.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ujCDFHxFeTI2YmxkVkk1OEE3Sk92YVlZbElPV3RNc2REZ2tuc0RNaVFsaVVKNDNXdy9STXo4dEUwVDM4V2VhUFA5Q1k3azZ3SCtTTnk0aEhRUnloS3dQNHVHY2gveDc4cFhnZkZ0VG1jb3dncGZSMFh3cWR5ZG9DODZOaC...

422 B
652 B

595ms
199ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ujCDFHxFeTI2YmxkVkk1OEE3Sk92YVlZbElPV3RNc2REZ2tuc0RNaVFsaVVKNDNXdy9STXo4dEUwVDM4V2VhUFA5Q1k3azZ3SCtTTnk0aEhRUnloS3dQNHVHY2gveDc4cFhnZkZ0VG1jb3dncGZSMFh3cWR5ZG9DODZOaCtaRmlTOXVpN1hncVZVWm1FTi9qT0ZpMkY3OHNIQWl3Q1hneXUvUk82TzRQM1l4dy9nRGpiMmFjRU16M1hYUTRPbTJUV0RVdzI2WlRwalV0SFdndUlCM0Rac0ZEWVFRa2d5a1BhaGpGa2t5OTF3MVFLZXQ1MW1xUFFZeC9NRE4vOE84QS9SOXRWampHTitrTUVGNlFEU0V2cCsyVG1xd203aXk5VnpwMVhKL01tQ1FlVjZhUT18&cppv=2

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81b08e1a4df373f382931550b1700ff5820a741fb9741b9fefb6fa9df3c6b30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1455655
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ujCDFHxFeTI2YmxkVkk1OEE3Sk92YVlZbElPV3RNc2REZ2tuc0RNaVFsaVVKNDNXdy9STXo4dEUwVDM4V2VhUFA5Q1k3azZ3SCtTTnk0aEhRUnloS3dQNHVHY2gveDc4cFhnZkZ0VG1jb3dncGZSMFh3cWR5ZG9DODZOaCtaRmlTOXVpN1hncVZVWm1FTi9qT0ZpMkY3OHNIQWl3Q1hneXUvUk82TzRQM1l4dy9nRGpiMmFjRU16M1hYUTRPbTJUV0RVdzI2WlRwalV0SFdndUlCM0Rac0ZEWVFRa2d5a1BhaGpGa2t5OTF3MVFLZXQ1MW1xUFFZeC9NRE4vOE84QS9SOXRWampHTitrTUVGNlFEU0V2cCsyVG1xd203aXk5VnpwMVhKL01tQ1FlVjZhUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 892307
content-length: 0
expires: 0

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame A266 990 B
1 KB 67ms
19ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:31:53 GMT
date: Wed, 08 Mar 2023 08:31:53 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 beb55a35b361d9c668644096eed9aab4b8.jpg
zem.outbrainimg.com/p/srv/sha/49/34/10/ Frame A266 21 KB
21 KB 131ms
42ms Image
image/jpeg 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/49/34/10/beb55a35b361d9c668644096eed9aab4b8.jpg?w=334&h=217&fit=crop&crop=center&fm=jpg

Requested by

Host: 31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
URL: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3fb15fb7492e5ad3fdd512293b3284f9a3fbfebdfad1f253e2891a288d6ba7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 79562
x-cache: HIT, MISS, HIT
x-imgix-id: f1ed41ed5c3659f5c0acbca3e74d918accabe2b7
cross-origin-resource-policy: cross-origin
content-length: 21055
x-served-by: cache-sjc10023-SJC, cache-vie6371-VIE, cache-vie6344-VIE
x-imgix-render-farm: 01.9544
last-modified: Tue, 07 Mar 2023 10:25:51 GMT
server: imgix
x-timer: S1678264314.571708,VS0,VE12
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

POST
H/1.1 200
OK get_info Show response
bot.webpushr.com/prompt/ 17 KB
5 KB 103ms
21ms Fetch
text/html 157.230.100.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.webpushr.com/prompt/get_info
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.230.100.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5706d2c26d70d4732ce11818b66d9e07b524b3151c115e9834c17275891ef7fe

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

server_name: lookup4
Date: Wed, 08 Mar 2023 08:31:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
X-Fastcgi-Cache: EXPIRED
Access-Control-Allow-Origin: https://anonyviet.com
Access-Control-Allow-Credentials: true
proxy_server_name: fr1_lookup_proxy
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Proxy-Cache: HIT

POST
H/1.1 200
OK session Show response
analytics.webpushr.com/impression/ 0
536 B 75ms
20ms Fetch
text/html 167.71.54.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/session
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 08 Mar 2023 08:31:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://anonyviet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 104ms
104ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a7601282c7b3e6b5b0f0413199a813f9e9333e7e8791363ddea982747ed856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52051
x-xss-protection: 0
server: cafe
etag: 3865020904658851607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 30ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=anonyviet.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 59ms
58ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=anonyviet.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB98 111 KB
37 KB 562ms
562ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2035709028&adf=3546131230&pi=t.aa~a.248467665~rp.4&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280&nras=2&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1qcpQGCMgP&p=https%3A//anonyviet.com&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49bb365f5d56fc4d77739e2f67e5b6e78f75077adabe86a4ee4fa844e9720721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 37527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCF7 90 KB
27 KB 732ms
731ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2603416086&adf=3803891251&pi=t.aa~a.280637418~rp.1&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280&nras=3&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oMQSHgWpbo&p=https%3A//anonyviet.com&dtd=42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f516ad758b25f4d1c6c8bf43604339460415462fda70479de7ca2e56f654079c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 27689
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E76F 85 KB
33 KB 620ms
620ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=100&adk=1234404052&adf=1442665407&pi=t.aa~a.3548350786~rp.4&daaos=1678233736636&w=360&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=360x100&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=1&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280%2C1170x280&nras=4&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=bCsHgdAj51&p=https%3A//anonyviet.com&dtd=48

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73b32958219302340ffe65b86a891c0d5b6554a28382e3b4a3ab2f7cb9b184e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8C7F 0
176 B 107ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 08 Mar 2023 08:31:53 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 5B49 37 B
139 B 25ms
24ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=25705
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/5d571584365a04625cc242f24ed251df7ff38c7a/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 08 Mar 2023 08:31:53 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame AC76 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 22:10:45 GMT
etag: 2378337311435320485
expires: Tue, 21 Mar 2023 22:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prompt Show response
analytics.webpushr.com/impression/ 0
536 B 20ms
20ms Fetch
text/html 167.71.54.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/prompt
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 08 Mar 2023 08:31:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://anonyviet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame AC76 10 KB
5 KB 122ms
34ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:02:20 GMT

GET
H2 200 67aaecca7d4c17753e791d23613bc19c.js Show response
www.gstatic.com/mysidia/ Frame AC76 11 KB
5 KB 123ms
35ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67aaecca7d4c17753e791d23613bc19c.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4817
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:43:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC76 8 KB
991 B 59ms
57ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:21:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 08:31:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame AC76 2 KB
846 B 29ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 18:43:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame AC76 22 KB
9 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:18:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame AC76 3 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 07:29:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame AC76 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:39:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AC76 0
0 57ms
55ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnJeEcwckSxsMo6pUoymGzz0YdHAsPWcTeyAX3XUFjTJ_2SOeybco3D9OPz6E43QlSdvosSVzSREQH5BVWXdx6myGZZg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC76 158 KB
48 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:53 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame AC76 34 KB
14 KB 125ms
39ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 05:22:23 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 105ms
105ms Fetch
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48041
x-xss-protection: 0
server: cafe
etag: 8950102480559306395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC76 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS0hZ-EcIZOKYPJrU6gTUr4jACuHF-M5u8aWLirkIwpWA_-EgEAEg3J73UmCV-vCBjAegAcixqc0DyAEBqAMByAPLBKoE8gFP0DCF8lE8kQPErgTXSyuuywt2SlyKA67o0BiegLpRNxYYlSOV2kK0j2susfK2cZCHGj1zeZ0TUlfwQ8QXCCUVxe6ZzkbmUGNUj1DBeDIaUK7vNF3swiUiBNRh9sggl-_xEUqWcV5ovKs8L936nMdPp3nrpv24f5UFUg_esIg5W1rOAvNwy8q0ODiLp87j3dAY4zSzL170daTMUzOGXX3LAXUKj86Z4ZBHhP7GgCLXnV7Vzuka3kkSGALSbKMTzYole2BrEM4LXZ30d2V2uWl6Wnz2kT1j8keFhv0mprvPQcQ-GGsz7pvu4rgOs4c-23XykcAEz_uxgvQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDmvRzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUFtAVAYAXAbIXHAoaCAASFHB1Yi0yNjQyNjQwNDY2MzM2NjQ5GAA&sigh=MNupotvW0gQ&uach_m=[UACH]&cid=CAQSKQDUE5ym0gpHxIuDtQ-9mKRX_ilhrBGmHiVtQaQFTvTWMS0hrT0WVvjtGAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Mar 2023 08:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F88 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 395A 1 KB
643 B 35ms
34ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 20:44:18 GMT
etag: 48472445140208031
expires: Wed, 08 Mar 2023 20:44:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC76 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28b48599f70697062736ea3a1ba1615648de56246ed31a5de2af29885ccd88d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://ad.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

218ms
88ms

Fetch
text/html

2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Server: 2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date: Wed, 08 Mar 2023 08:18:28 GMT
x-content-type-options: nosniff
server: sffe
age: 806
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Wed, 08 Mar 2023 08:48:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F88
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
27ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
expires: Wed, 08 Mar 2023 08:31:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 395A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGNjAalSmUT9JC9DozU5eAc&google_cver=1&google_push=Aa02lx_dUQ25gLvr1GV-sfhQtP5eZun7X4UXwCTli2Eypa2ZOeM4pky4Jq64cRiL-IL0lkiYFBskOXFsAW8-yLDTCK97AE6jDtVM_mA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2MTQ3MTcxMjg4NDE4NjEyMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELFGy8KEjwfigtaFPrcAIM0&google_cver=1

43 B
398 B

48ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELFGy8KEjwfigtaFPrcAIM0&google_cver=1
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELFGy8KEjwfigtaFPrcAIM0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 395A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED7CSyEZgTtvHmp3NFNcHi8&google_cver=1&google_push=Aa02lx_LT91AtF8bDcQ9lhdPhuTJgydKRpB0McIzbCuite40hZSuNc2JHBkTZGfYpCPQT2dheujTVcb61i2HWYpv...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_LT91AtF8bDcQ9lhdPhuTJgydKRpB0McIzbCuite40hZSuNc2JHBkTZGfYpCPQT2dheujTVcb61i2HWYpvQtlolmYxBsMs4Y0

170 B
232 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_LT91AtF8bDcQ9lhdPhuTJgydKRpB0McIzbCuite40hZSuNc2JHBkTZGfYpCPQT2dheujTVcb61i2HWYpvQtlolmYxBsMs4Y0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 08 Mar 2023 08:31:54 GMT
Server: MT3 569 46451a0 master cdg-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_LT91AtF8bDcQ9lhdPhuTJgydKRpB0McIzbCuite40hZSuNc2JHBkTZGfYpCPQT2dheujTVcb61i2HWYpvQtlolmYxBsMs4Y0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 08 Mar 2023 08:31:53 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 395A 0
173 B 112ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKx5J-HrksfJvriMIVY6ncM&google_cver=1&google_push=Aa02lx-T8ETW-YLg_TMp_h7-W_rkPfw7Ykuz8Mw2_glvdZrKJp2sR6RAwBjwD8dIk0aEXlNAnntOZwSrCOVnyA52LKFkFlb43SmlDfI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 395A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFcMoFTKcryUXeXRoXhHk8E&google_cver=1&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdL...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFcMoFTKcryUXeXRoXhHk8E&google_cver=1&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA&google_hm=WP2m8tMjS_K74LveDkoA...

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA&google_hm=WP2m8tMjS_K74LveDkoACw==

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA&google_hm=WP2m8tMjS_K74LveDkoACw==
date: Wed, 08 Mar 2023 08:31:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 395A 43 B
351 B 84ms
29ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEN78MKecdWEKDcEU1V0Hy8&google_cver=1&google_push=Aa02lx9pkfXfz6OkBLYl3Zznwl7JmuwT4gyJdEuUgKfrP2IN19WCkBihrtD5L_9h338O-uPPXUI5_79iVtaoWplfLozV1BAlP-Z5ZEM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sau5739g5aac8ja4epvphaiua6hv8dtv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 395A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx9EbU1Erm04FvkZAo8ateZhpxRr9UqZO...

170 B
188 B

34ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx9EbU1Erm04FvkZAo8ateZhpxRr9UqZOJlQJBRTKdR4_ReqvZnN6XA9SrtGoBn1mof8O8UHfzZQPguvFzp40i0qnLnRl4PtzT0

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 08:31:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ0ZlBvzHtUnM_80qTh1SWQ&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx9EbU1Erm04FvkZAo8ateZhpxRr9UqZOJlQJBRTKdR4_ReqvZnN6XA9SrtGoBn1mof8O8UHfzZQPguvFzp40i0qnLnRl4PtzT0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 395A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJyQoFGcyuX-RHhEw9C1pag&google_cver=1&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iC...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iCE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGh...

170 B
329 B

52ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iCEy118

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx-ACUl7T95QCWedjw6SxWC2u26agzfOcffNoSBmJT_7uXzHRKGhmbctjgMGw8Nm6vwuYpB4GtXfLRz5AqZRsNRf9Ij9iCEy118
date: Wed, 08 Mar 2023 08:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 395A 0
139 B 109ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcKOfzF0tsT8KnkTeWKD4GN2AzFFG7qIbo-8HtGaEGIhSd6lMHy7ZUOZmcN1KMI2XTqax5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 528C 6 KB
672 B 57ms
57ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:21:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 528C 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 528C 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:18:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 528C 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 07:29:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 528C 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:39:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 528C 0
0 57ms
55ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTx7v9qkzENB4zhho5K0vD3XRNsq0CxnpuGXMDMxKCfGQDIdOj6SwIsCBMXYtwgOueKlRIAF6GBx0drz-ZyzHLBtouMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 528C 158 KB
48 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 528C 34 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 05:22:23 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 528C 9 KB
9 KB 21ms
20ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 08:03:56 GMT
x-content-type-options: nosniff
age: 174478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9591
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 08:03:56 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/841684701835869913/ Frame 528C 2 KB
2 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/841684701835869913/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1490aad284b9af37c925810fe6cad4bf2b972ffbf906462c0e391d3218bd1224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 08:04:45 GMT
x-content-type-options: nosniff
age: 174429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 11:20:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 08:04:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 097C 1 KB
643 B 34ms
34ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 20:44:18 GMT
etag: 48472445140208031
expires: Wed, 08 Mar 2023 20:44:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 528C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc83418b8007928f670603b01c80c22f60f7b282e1a415cde65c5f9d7d264aab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame FFF0 36 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 20:43:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 528C 15 KB
15 KB 35ms
34ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 499883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:40:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 528C 15 KB
16 KB 37ms
36ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 504529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:23:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 528C 15 KB
15 KB 47ms
46ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 501478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:13:56 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 097C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEICmKx9AS4IARugdgsF97BQ&google_cver=1&google_push=Aa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEICmKx9AS4IARugdgsF97BQ&google_cver=1&google_push=Aa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAk...

43 B
420 B

189ms
175ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEICmKx9AS4IARugdgsF97BQ&google_cver=1&google_push=Aa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a49b97d8fd090ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1065
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEICmKx9AS4IARugdgsF97BQ&google_cver=1&google_push=Aa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8ZWo1NvJwh_JVAsE9B3tu-0z69dxEMWnkvusYu0fjqxJcYmj2v22Ra2IrxkyD_LxZspAfLWVmLwOz3oP_Ndu5zYFzCjAkL0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a49b97c2e9290ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 097C 70 B
265 B 174ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF_k-9Nwe2GtDNEsCIRWxEE&google_cver=1&google_push=Aa02lx-YG3Sms-YF-6iH6ecQb-Q9TYR2qHVZScs87dRBwZA-NBCjBTx3rquj_ykZhelSCoYCKc6aXpHHZKgscyWnlhEmhxOcFxd7UC8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 097C 42 B
213 B 98ms
30ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMTE08AkGSE4SPHW2W98QG0&google_push=Aa02lx_4VfNdTzghwupqkRmAqOGHLYgOIo1yfZKj6kdbtgbZt0lC2OzluQGos_Rvkl5WRWqp2M4pbVDu8dL_MsUpHW_hI88E1GtUD1I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 dds
rtb.openx.net/sync/ Frame 097C 43 B
135 B 32ms
28ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHfddDpwCrry4hzwX86YyHc&google_cver=1&google_push=Aa02lx8Hi13OLtybIX62s9yl8n5sOcNSAWpsK-lE9f43Y5PIpz3oGuaRQHV3lxvr3d8OY8xxFJPWkL8MdZkbJnZAc_8Mw1BD8Z3h3VE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9dr8g8josi7kvq6j78vc7t4jk2k4aino

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 097C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGPi-2iRpE-rYgkzoR6glQE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGPi-2iRpE-rYgkzoR6glQE&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx_nC6ZfmooAnT_8_8J33lRdz0WaQs4Ge...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGPi-2iRpE-rYgkzoR6glQE&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx_nC6ZfmooAnT_8_8J33lRdz0WaQs4GeLaMtZM4Hpck2F-YOoRTB6t9cnD0CEHClJRiTjMnfHVjPp-V2byjLqSZuc8BCpqstN8

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 08:31:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGPi-2iRpE-rYgkzoR6glQE&google_hm=ZAhH-gykg93pfqobQWUk8QAACLQAAAAB&google_nid=index&google_push=Aa02lx_nC6ZfmooAnT_8_8J33lRdz0WaQs4GeLaMtZM4Hpck2F-YOoRTB6t9cnD0CEHClJRiTjMnfHVjPp-V2byjLqSZuc8BCpqstN8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 097C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECJVts72y99HqY1MDU9VkcY&google_cver=1&google_push=Aa02lx_0BBEu5yXYl3tWoSCVWVVdJgmpM_Duaqv3skO0tCO9vVnlmkEz54njLqvIIieEsEVLDohqjTT2y3PmY5uytAhpwy4r5T...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx_0BBEu5yXYl3tWoSCVWVVdJgmpM_Duaqv3skO0tCO9vVnlmkEz...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx_0BBEu5yXYl3tWoSCVWVVdJgmpM_Duaqv3skO0tCO9vVnlmkEz54njLqvIIieEsEVLDohqjTT2y3PmY5uytAhpwy4r5Tx8I5Q

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxODgyMjYwMDE0NDYwNTMyNTk4NQ%3D%3D&google_push=Aa02lx_0BBEu5yXYl3tWoSCVWVVdJgmpM_Duaqv3skO0tCO9vVnlmkEz54njLqvIIieEsEVLDohqjTT2y3PmY5uytAhpwy4r5Tx8I5Q
date: Wed, 08 Mar 2023 08:31:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

report
sync.teads.tv/um/ Frame 097C
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENPInH-gHnWhEvirG2W74o4&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8FA12oGeU_0f7GnMDLmFO0P4iWPA1gDsUp1t7pJ6D6jWf5dc-OhORRkhyaA1Ix650bqZf808QcdhYoAU-xO69eT_YauqI7Bx33
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

73ms
73ms

Image
image/gif

23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Protocol: H2
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Wed, 08 Mar 2023 08:31:54 GMT
pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 097C 0
12 B 33ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0c6Qo1PLUJxNXSnRUueBmwTzq5W6yR4WsTu8rLZ0zTXupf8H-9tbu_BAvuMqR4iO1pThH6Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame DB98 8 KB
895 B 58ms
57ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2035709028&adf=3546131230&pi=t.aa~a.248467665~rp.4&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280&nras=2&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1qcpQGCMgP&p=https%3A//anonyviet.com&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame DB98 2 KB
765 B 21ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame DB98 22 KB
9 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:18:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame DB98 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 07:29:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame DB98 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:39:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DB98 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUX_SKJ77lEPbB7Byt6j_vfR4BPkonPvI4FOFOYfCjfkrcF65g1tnZ-9Uep8ZV3p-TLZ_d5eB5zj03dVRRikvLeYRX2g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2035709028&adf=3546131230&pi=t.aa~a.248467665~rp.4&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280&nras=2&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1qcpQGCMgP&p=https%3A//anonyviet.com&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB98 158 KB
48 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame DB98 34 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 05:22:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 528C 0
18 B 67ms
67ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnnZ5-UcIZLjJAemB7gTFiI74A-HF-M5u_M-e66oLp7DTxKcPEAEg3J73UmCV-vCBjAegAcixqc0DyAEJqAMByAPLBKoE9QFP0AZGklXSGM4KWbbnpdp-XM7C5XWhB-hrnSYtdnDnRx1No9ouaotjXzpycNx0X8rC0T0X48N6VdUPw-ndfngKxvHFVDUEyqU6voewGPKQAwXsj9v8o5qzbYR7d0trKaeX_iXtD-qf5imxXeW4FVW51SXVvzxPCx3HkWuA6rZw4si30KV7Aw0j1DE2kPohiX2mbsxpsvMNc2DtZGfREvr2XTCsH7OxausJQlGMSW0g-jaiF7RxJz15IDIkrFSoeypA1N05sZKi8MUq4dGI-_qxCKO7mRErAqysZOnMWfdCwIBQMu3tBG9iu7Nt9drWDp2DiUqSEcAEnt3huOoBkgUECAQYAZIFBAgFGASgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDg-IoC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQM0BUBgBcBshccChoIABIUcHViLTI2NDI2NDA0NjYzMzY2NDkYAA&sigh=q9F_KaxKkV8&uach_m=[UACH]&cid=CAQSKQDUE5ymXwb5M4IghQiij7ZJQjMkTLiDSnU8WxbY-WPkHgeeKl1BVkR4GAE&template_id=484&cbvp=2&vis=1

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&slotname=2284993155&adk=1104571469&adf=203526347&pi=t.ma~as.2284993155&w=1200&fwrn=4&fwrnh=100&lmt=1678264312&rafmt=1&format=1200x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264312519&bpp=12&bdt=1516&idt=445&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xBob3s5L08&p=https%3A//anonyviet.com&dtd=455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Mar 2023 08:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 10087602203703844500
tpc.googlesyndication.com/daca_images/simgad/ Frame E76F 11 KB
11 KB 21ms
21ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10087602203703844500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=100&adk=1234404052&adf=1442665407&pi=t.aa~a.3548350786~rp.4&daaos=1678233736636&w=360&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=360x100&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=1&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280%2C1170x280&nras=4&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=bCsHgdAj51&p=https%3A//anonyviet.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a3dfb85adaef242c85d85c13609b23807ad8c0c96d12044edccefceffaa763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:43:17 GMT
x-content-type-options: nosniff
age: 470917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11414
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 00:49:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 21:43:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame E76F 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:18:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame E76F 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 07:29:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame E76F 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:39:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E76F 0
0 57ms
55ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlbr8w_wWNezYHVqiUfPt06mREnkM1wHAps2glxVgoSCFddkNGO5eITwCyXZDxppnattxaOHck1u9e_zGB0z_mPEoMJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=100&adk=1234404052&adf=1442665407&pi=t.aa~a.3548350786~rp.4&daaos=1678233736636&w=360&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=360x100&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=1&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280%2C1170x280&nras=4&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=bCsHgdAj51&p=https%3A//anonyviet.com&dtd=48
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E76F 158 KB
48 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame E76F 33 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:47:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB98 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx4o1-UcIZJSaKY7o6gS7ypzoAsCI8K5v-YeYm48Q_ZrmuJYdEAEg3J73UmCV-vCBjAegAfGaoNAByAEJqAMByAPLBKoE9QFP0KDmCc_G9k5bhP-WBmHL_BDhDqv-bmJYJsE3tLBFdWsBAOL800epN6jTfK9cUPMMd02gQYv5bywE5LCP2wghid_WpUOaOW0naqaInGOW5FKDG9pkBTi_p_85yEJIy2yfzxxsaPjlyHGYpei2e4_TPQSCFQXvmGeOVcMAdRBG8rLJaLPmOUUttI2okSjBJNfpEbLeOw19ZC5ukYCyUhXTq6ZnlvblKBlTZrM8JFkhMp56EORqvNAno6k-z1P3vaahpvBYMJtbbV6CvvcPLuFDbgGzF7JwbP-tuBDd1jVQkyY70fMKpuGt1-gyeoq3QKqGYmrayMAEk6La65MEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_fk368CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQn64L0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMjY0MjY0MDQ2NjMzNjY0ORgA&sigh=NfpCuPgweJE&uach_m=[UACH]&cid=CAQSOwDUE5ymM1XcAAFZs4SCyyORq7VioU8tkQMo0WeYtI_-oW1n0_sFEbYl8iPkIOmHJ25Ezq0Y7zUcGTGQGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2035709028&adf=3546131230&pi=t.aa~a.248467665~rp.4&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280&nras=2&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1qcpQGCMgP&p=https%3A//anonyviet.com&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Mar 2023 08:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E16 36 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 20:43:58 GMT

GET
H3 200 5515803385170397584
tpc.googlesyndication.com/simgad/ Frame DB98 14 KB
14 KB 21ms
20ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5515803385170397584

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

709665667acf84fa3fc279f9227b349f6786127f13cf15ceb7fdae7bc47db38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:24:58 GMT
x-content-type-options: nosniff
age: 508016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14762
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 22:36:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 11:24:58 GMT

GET
DATA 200
OK truncated
/ Frame DB98 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DB98 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E76F 0
0 65ms
63ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTEmH-UcIZL3GKpmr7gTt85iQBMCI8K5v-ZaYm48QwrORmJ8jEAEg3J73UmCV-vCBjAegAfGaoNAByAECqAMByAPJBKoE9AFP0CuSw2gai8CIlfH3zGbNkFejhkHOh164EorQelIcIozMrIrKJJVIsG5hOMUQeUKfvFxs8mrOqI_0H1IVMHUc_PEwFLfwgzsm_kxgNybxdRiDHYxcLmuPv39M9G-bb-eLJIu5PWwLQc4vJyWwTohngh5ml06HMvmkNizrg5j-KU-y5m9L-rb-cDxynyPCYNsOdmMM0XyeYQEusb4Ma5ci40EOD3fEVFsR6S4IJC2qrYQXe56pbUYcbvh8wCl4yfopJjTj4wHrr2nlKCTEKTsUYbB71Xyj2Wz4aVCA_TrfPLiH_LUiImQ0MVNBbbGHZKpsyzXswASTotrrkwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDN2AXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yNjQyNjQwNDY2MzM2NjQ5GAA&sigh=ntL3IwNwlUs&uach_m=[UACH]&cid=CAQSOwDUE5ymI-Fb-VtQ26C64HSVdQrzR722D41z8JhWtxZ-20XlEoCGMlqyvCp6y3uvtdnerIiZmvgs8fyUGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=100&adk=1234404052&adf=1442665407&pi=t.aa~a.3548350786~rp.4&daaos=1678233736636&w=360&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=360x100&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=1&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280%2C1170x280&nras=4&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=bCsHgdAj51&p=https%3A//anonyviet.com&dtd=48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Mar 2023 08:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 admin-ajax.php Show response
anonyviet.com/wp-admin/ 7 B
615 B 1501ms
1501ms XHR
text/html 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/wp-admin/admin-ajax.php

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;

Response headers

date: Wed, 08 Mar 2023 08:31:55 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://anonyviet.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpNdI2eVP9D1KV7BSEaVi%2BjnORjEfdKprb7PAGAkpEmSMK9vm98J21Y4Mje7I11Y14wVXMdmHDu8P9pzMdhDkjLmrHYn0QHs7x4BGuiegQ9h%2BxWcS4e%2Fq%2FZCE1N8%2BIImRw9SfNJN8WqGLo9g"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7a49b97cad5e30c0-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B11 143 B
166 B 24ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=100&adk=1234404052&adf=1442665407&pi=t.aa~a.3548350786~rp.4&daaos=1678233736636&w=360&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=360x100&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=1&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280%2C1170x280&nras=4&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=bCsHgdAj51&p=https%3A//anonyviet.com&dtd=48
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BE54 1 KB
643 B 37ms
34ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 20:44:18 GMT
etag: 48472445140208031
expires: Wed, 08 Mar 2023 20:44:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3CBE 1 KB
643 B 37ms
34ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 20:44:18 GMT
etag: 48472445140208031
expires: Wed, 08 Mar 2023 20:44:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DB98 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 423ac0d177cdc8239da4ec1baa26a380f4b43141f749f2a75a6d079bc3ef27a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E76F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95caf0d928e9ac5f611390c8827d0e93c095116cf90cca254c6eeac3058c2a03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame DCF7 10 KB
4 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2603416086&adf=3803891251&pi=t.aa~a.280637418~rp.1&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280&nras=3&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oMQSHgWpbo&p=https%3A//anonyviet.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:02:20 GMT

GET
H3 200 67aaecca7d4c17753e791d23613bc19c.js Show response
www.gstatic.com/mysidia/ Frame DCF7 11 KB
5 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67aaecca7d4c17753e791d23613bc19c.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4817
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:43:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DCF7 8 KB
895 B 58ms
58ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:26:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame DCF7 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame DCF7 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:18:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame DCF7 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 07:29:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame DCF7 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:39:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DCF7 0
0 58ms
57ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7yvVc8oH9HoRi9rifSdsTOzAmubuOSdnSy0b5lMtr28Sr-jGt3mk6qE1GLnoTSK_ZpyIldS4WZTncACXaUUU6elhZBg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2603416086&adf=3803891251&pi=t.aa~a.280637418~rp.1&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280&nras=3&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oMQSHgWpbo&p=https%3A//anonyviet.com&dtd=42
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCF7 158 KB
48 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame DCF7 34 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 05:22:23 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame DB98 28 KB
28 KB 34ms
33ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 576705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:20:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE54
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKLutu7DVT5jDx5EhaDU1v8&google_cver=1&google_push=Aa02lx9-2_CfUP4M-wuRaU5_0-LJ5kqfB1lx_7TV9mXvX6zvIlCCwq2vsQuJgcaqmcJhEdlHoxmcA5MmfHCFJIdTogGilcNlVerwLRk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3025F302B15B46FEB9D9D45FEF3B4F82&google_push=Aa02lx9-2_CfUP4M-wuRaU5_0-LJ5kqfB1lx_7TV9mXvX6zvIlCCwq2vsQuJgcaqmcJhEdlHoxmcA5MmfHCFJId...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3025F302B15B46FEB9D9D45FEF3B4F82&google_push=Aa02lx9-2_CfUP4M-wuRaU5_0-LJ5kqfB1lx_7TV9mXvX6zvIlCCwq2vsQuJgcaqmcJhEdlHoxmcA5MmfHCFJIdTogGilcNlVerwLRk

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Mar 2023 08:31:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3025F302B15B46FEB9D9D45FEF3B4F82&google_push=Aa02lx9-2_CfUP4M-wuRaU5_0-LJ5kqfB1lx_7TV9mXvX6zvIlCCwq2vsQuJgcaqmcJhEdlHoxmcA5MmfHCFJIdTogGilcNlVerwLRk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Mar 2023 08:31:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE54
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKr...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fj...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3MDU1NDM3MTQ5MTM2ODUx&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKr...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3MDU1NDM3MTQ5MTM2ODUx&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKrNhYZItCtaZKCnv8DSicy-lo

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3MDU1NDM3MTQ5MTM2ODUx&google_push=Aa02lx8mJ9vJlX7oxNE-5pNk1arg2v-6u0ZvCQCUbRSefAnSs7X_d_lnA0qLSRdF-aX8eCsw1fjecOKrNhYZItCtaZKCnv8DSicy-lo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BE54 0
12 B 31ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2d4afE_oNxT2hrMpwVsL27xWV9bc-OdADCHg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKLutu7DVT5jDx5EhaDU1v8&google_cver=1&google_push=Aa02lx-SnbHeqI4Kq4XTF7jfamC98tKgnSVcX8f5qtoWBWkhHN5jG0NtfFYxDrlQ86xABtHf_cHD-eoIQ82-HV-cJg5zWR1WpbgV7SY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx-SnbHeqI4Kq4XTF7jfamC98tKgnSVcX8f5qtoWBWkhHN5jG0NtfFYxDrlQ86xABtHf_cHD-eoIQ82-HV-...

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx-SnbHeqI4Kq4XTF7jfamC98tKgnSVcX8f5qtoWBWkhHN5jG0NtfFYxDrlQ86xABtHf_cHD-eoIQ82-HV-cJg5zWR1WpbgV7SY

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Mar 2023 08:31:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx-SnbHeqI4Kq4XTF7jfamC98tKgnSVcX8f5qtoWBWkhHN5jG0NtfFYxDrlQ86xABtHf_cHD-eoIQ82-HV-cJg5zWR1WpbgV7SY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Mar 2023 08:31:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDSl4...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3NTEzMjcwODk5OTU2MzQwMw&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDS...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3NTEzMjcwODk5OTU2MzQwMw&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDSl4Ufki3JPsff2tFtQkfwg4pg

Requested by

Host: anonyviet.com
URL: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3NTEzMjcwODk5OTU2MzQwMw&google_push=Aa02lx9clmKIesB4Zjlrm3CvWdnYOpKytRqIMCI1S0e8ZlPCK4Vob-LFalF2dDNbHsD7lpNyBu-VDSl4Ufki3JPsff2tFtQkfwg4pg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3CBE 0
12 B 30ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsW-QjRZ6CBzmlFIuaKFLXI6QkEqAPBchGtoQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B11
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
31ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
expires: Wed, 08 Mar 2023 08:31:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1705650209257677185/ Frame DCF7 1 KB
1 KB 20ms
20ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1705650209257677185/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f98c35f7aa96d2853c689cf6547aa9bfc700cab9693a30c98ba9f275dd61ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:26:08 GMT
x-content-type-options: nosniff
age: 561946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1226
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 16:30:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 20:26:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DCF7 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf6Jv-UcIZJ-fKtPD6wThgKeYBMCI8K5v-YeYm48Q_ZrmuJYdEAEg3J73UmCV-vCBjAegAfGaoNAByAEBqAMBqgT1AU_QXybkq6HCUo8OkhTDqkQJ9BF_4NEZa05b-CnEfKnN_fb1PV-hUPFhXawAZMyAcUrD1DJxXEHxJ9MshyhlVXJ3ZBQ37Uh2iO54hEg5Ho1FXtlgA5ZL2t78uxrhlugqG_2Y2YuL9uGjY1MHUHDIE5TAPTlr6i7C__VN0CmqKH1XRLLvBZatqfdRuUycQoi-nGtfGnlnZX7E63SzE_iXINv7aTR4UsypvHWBCtfi8vPgn9BRY4nR6FS7XAXg83rm18QBy7W2H8orlTUXpUgDloptp0PfwsPz5gkcBLbTrSN2naYC67brxhOCir-n5Ta0nRwlB1xqwASTotrrkwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDn3wnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yNjQyNjQwNDY2MzM2NjQ5GAA&sigh=ZUiOIkw_xZI&uach_m=[UACH]&cid=CAQSOwDUE5ymrhYggFC6-sIu4eVs4rRKyzAPW9KcoY8hSiX68kPL4FlGqc3He0JSvn_UeemDJAYxxb7LOJbnGAE&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2603416086&adf=3803891251&pi=t.aa~a.280637418~rp.1&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280&nras=3&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oMQSHgWpbo&p=https%3A//anonyviet.com&dtd=42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Mar 2023 08:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7122 143 B
166 B 22ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2642640466336649&output=html&h=280&adk=2603416086&adf=3803891251&pi=t.aa~a.280637418~rp.1&daaos=1678233736636&w=1170&fwrn=4&fwrnh=100&lmt=1678264313&rafmt=1&to=qs&pwprc=2659037108&format=1170x280&url=https%3A%2F%2Fanonyviet.com%2Ftieptucdentrangmoi%2F%3Furl%3Dhttps%253A%252F%252Fwww.watched.com%252Fdownload&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678264313604&bpp=1&bdt=2602&idt=-M&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D397f6e8d981f9038%3AT%3D1678264312%3AS%3DALNI_MaA6C1OhneARynHevk8dsz_G_tXHw&gpic=UID%3D00000bc2674e4a1b%3AT%3D1678264312%3ART%3D1678264312%3AS%3DALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g&prev_fmts=0x0%2C1200x280%2C1170x280&nras=3&correlator=5256364240302&frm=20&pv=1&ga_vid=2112452769.1678264313&ga_sid=1678264313&ga_hid=750522802&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759876%2C44759927%2C44774606&oid=2&pvsid=4165028374417609&tmod=1492832068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oMQSHgWpbo&p=https%3A//anonyviet.com&dtd=42
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7080 1 KB
643 B 35ms
34ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 20:44:18 GMT
etag: 48472445140208031
expires: Wed, 08 Mar 2023 20:44:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DCF7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46a5d1b4499ef41d56003fe3e16d4c52330df01b1d41c225a5043c371d359bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame FFA6 36 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 20:43:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7122
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
34ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
expires: Wed, 08 Mar 2023 08:31:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7080
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKLutu7DVT5jDx5EhaDU1v8&google_cver=1&google_push=Aa02lx9C66iFS_xUaKdKshfXARP4xsRWAM4L9VNxM7wMA5frmP75sZVXBrwVeo-5NtQ7SxpEG_J5dMRpqpxNhf308PN_MzZIqrvUamA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx9C66iFS_xUaKdKshfXARP4xsRWAM4L9VNxM7wMA5frmP75sZVXBrwVeo-5NtQ7SxpEG_J5dMRpqpxNhf3...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx9C66iFS_xUaKdKshfXARP4xsRWAM4L9VNxM7wMA5frmP75sZVXBrwVeo-5NtQ7SxpEG_J5dMRpqpxNhf308PN_MzZIqrvUamA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Mar 2023 08:31:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=918BBDDC1D0843BFA444EB3BF2D62EC8&google_push=Aa02lx9C66iFS_xUaKdKshfXARP4xsRWAM4L9VNxM7wMA5frmP75sZVXBrwVeo-5NtQ7SxpEG_J5dMRpqpxNhf308PN_MzZIqrvUamA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Mar 2023 08:31:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7080
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXf76RyMQhgFqZab1GuJnw&google_cver=1&google_push=Aa02lx_R7v8DASMH7Phbeacya2PkgGimwGQuJpXstQAd_oP1Gexj9YxCmanzVylo0Qqtu2JMuGfLRrgi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5MTU0NjQ5MTA0OTI4ODY0Ng&google_push=Aa02lx_R7v8DASMH7Phbeacya2PkgGimwGQuJpXstQAd_oP1Gexj9YxCmanzVylo0Qqtu2JMuGfLRr...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5MTU0NjQ5MTA0OTI4ODY0Ng&google_push=Aa02lx_R7v8DASMH7Phbeacya2PkgGimwGQuJpXstQAd_oP1Gexj9YxCmanzVylo0Qqtu2JMuGfLRrgicndhqRH0rWc599MVDUWhgQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5MTU0NjQ5MTA0OTI4ODY0Ng&google_push=Aa02lx_R7v8DASMH7Phbeacya2PkgGimwGQuJpXstQAd_oP1Gexj9YxCmanzVylo0Qqtu2JMuGfLRrgicndhqRH0rWc599MVDUWhgQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7080 0
12 B 30ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0SiWSEvELkmvM5cLNjt33nheVRUW8SrKlcQk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame DCF7 28 KB
28 KB 33ms
33ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 576705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:20:09 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8599 36 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 20:43:58 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 80ms
80ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f96c7c4331380ce0165946578fa425c0c67ccd2500dc41644b6fe6905e75a80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11120
x-xss-protection: 0

GET
H2

200

/
www.facebook.com/login/ Frame F4F6
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20102da83028cc%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

99ms
99ms

Document
text/html

2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df20102da83028cc%2526domain%253Danonyviet.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fanonyviet.com%25252Ff3312f342190218%2526relation%253Dparent.parent%26container_width%3D1580%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fanonyvietdotcom%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ea1b34bef4c7b55a93892f6e5ee49325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Mar 2023 08:31:54 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 9/YndoGGNXfx/IPfFXCxbtbVskuTM2wisFZ66Lh8ReIdOccWMJ7T2Zw8gleV6oRUghIqqKUqU5AacamecNelFg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df20102da83028cc%2526domain%253Danonyviet.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fanonyviet.com%25252Ff3312f342190218%2526relation%253Dparent.parent%26container_width%3D1580%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fanonyvietdotcom%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
origin-agent-cluster: ?0
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: FcHyUqPaqBvikQRf1Edkfm+xklSTaDfU51IcXqIuR2gadGEj6fo7psna3Rop6iLCS8sXwG60sG1mdKsJahlbkg==
x-fb-rlafr: 0
x-xss-protection: 0

POST
H2 204 rum Show response
anonyviet.com/cdn-cgi/ 0
203 B 23ms
23ms XHR
text/plain 2606:4700:3030::ac43:8c4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anonyviet.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8c4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://anonyviet.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a49b97f280330c0-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 08:31:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 118A 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:13:57 GMT
expires: Thu, 07 Mar 2024 08:13:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 90B0 783 B
536 B 65ms
63ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e236160f2257ea6423374399957f56886bfa05bc0eec543ea1d978c7a9ecaba7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B0GDtI9NhXA_GGx_W5Sygg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-B0GDtI9NhXA_GGx_W5Sygg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:31:54 GMT
expires: Wed, 08 Mar 2023 08:31:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 118A 36 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 20:43:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 90B0 0
0 68ms
67ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030201&jk=4165028374417609&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC76 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrv0VYGXV43ZvPjOoFuB7TNTEHQUgmVmgHdETQhgRbcm0RmESqRvWexz56UW6bbMTYgicZlkepBIpNUL3TmPCCLeus8Yg9dJ5EnZpqNrICyGcA_zAyKKRabv6HYuEQ0kmB8d81LQ&sai=AMfl-YStZ7MC0pMnKr683_zgJ6aAMZEo6cK6LuRbODfNVhxC5QqYPxEZsTaq4PCq0ylmsRg1xYn2SwBEDd-9xZ5WexJXGYHA22IIruY&sig=Cg0ArKJSzLIdrCi2w5FcEAE&cid=CAQSKQDUE5ym0gpHxIuDtQ-9mKRX_ilhrBGmHiVtQaQFTvTWMS0hrT0WVvjtGAE&id=lidar2&mcvt=1025&p=0,0,124,1005&mtos=117,788,1025,1025,1025&tos=117,671,237,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678264313696&rpt=412&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 118A 0
12 B 20ms
19ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FB0DNQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:31:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 528C 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYzvhfOxqT6MNxs3C9OyJrfkzpUDPIm1nfZ0_3RuMX-3yhKh5pHfB6R0nZLAtHavYFSiAaAzYh20WUqOE8fqg4vWxIWHXdj0ot1g9QmWojYFldF5imMeBgrtMOV9e4WEWveRrDhA&sai=AMfl-YSXJHSZYLRGo1Z3Oeu0L482IfiJ3NE3Qbk6SdDpoKxEn1P1yONj3_1O2sTK2U-Od9f1TmH71e31WFAYDgbW8BSFR-EZbagyLuY&sig=Cg0ArKJSzDfRO2cgl5AfEAE&cid=CAQSKQDUE5ymXwb5M4IghQiij7ZJQjMkTLiDSnU8WxbY-WPkHgeeKl1BVkR4GAE&id=lidar2&mcvt=1029&p=0,0,280,1200&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1104571469&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678264312976&rpt=1312&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:31:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030201&jk=4165028374417609&bg=!hoWlhdHNAAbv3-2Ez987ADkAdvg8Wo7RDJ4U7Gl-s916HlyPuPMTQOjl2NSQsEeel_AThLgAVk4Q4rXqWahxcg5tcjwLI_B2YFkCAAAA7VIAAAACaAEHmQKjpYiL_D7IVwIiVUeWgf1-WpHjABpS279ST20BYCd1jWRosRJLo3jecxofT0swTbQtUnjxJldCW6KznmgrYd9etHVUSG3r1A-U3wxwyUWCbwObO4UlSNUYe5ElVKuA0yEHxMfJT6rLUnSdMOe-aymoLRnHW3QeDvXylgn9m4R6YPyBBxxrkIcoP_WbWWpSiBOm5yArXDEDvvIQbtwOxbBpJKAZW2lwomWtvqnE57JCUTd2tqzb6eNqCAQg_hZ8J4JUNABk412kNR-SRam5Zh4a1HBjTNbFOX1J0pn-KnIo6Y-2fSqF-FURqZULZJjtSItH_NEk2aSRrl0twG-NJn42ptgUrB8XR00wEbZi7DslTIeIMfcR1MrrXGq8i2-c8wQb2BGT0R_faHG6rv24vahno_RL9hAf8sQ2l7_LIDD2wA1QXZz7cOZXL00n9iQpMf_Mpv36MUlAJOh6C3cS3Wap0cf32IyDOgF1_4NsJ-za2EI4AbGrZ59UiVwY3kK2GGe9L9qCR0-bWlEYrFwOtxLk-5N2rLCISnlTNTpH1wXeVaqrGdLRtVo7lyxR8382s0YJXg0iXVzceVsf1uOnGyEIjvlO0FQXq6sa9zaP0vYfpQ0wks6WLKuaAfAwZjdyHGNYuoS2QgVv5h12bGVOHwIDvKRXEfekPVqyOKxUBoAYG1DIm2EYxMAff9OxodVBvc9sxrSgq-AWk1G8pnQdmtXxPBL1rPAW9BiE5SZFdca73IBkdp7fzWOdnZzpIgNHu1guMeYGnq9fxJyIXLN-WbexsuP7ANkkE6jTivxrUB1JSbN-Kx5j2_PJF0yjEI6zByy3fjj0_afQEeza7yYQolsqz45FG53CVMsARwhEVJESyB7S2p-_8UoIgrVMzw5JEYuqRKqz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anonyviet.com/tieptucdentrangmoi/?url=https%3A%2F%2Fwww.watched.com%2Fdownload
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7F16 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68dbd69350f68eda44680a79b4f8e24d8f8b9218bccafa9749f2c1911ff352fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/MC6AHTCPP4KGD57DBPMSPC6VVZHYUJTLITOLZU7COF7VMIQ2RWMPJKZHTV4WEKLSPMBWV4OSRIFQKRMUBUR65FCG5O3UW7HK6TYMWBAVXXQGK65EO46WWHPBDCEDI6MMIOHRAE2BYPGRBNARBAD65NEL44PRJG... Frame A266 26 B
151 B 101ms
25ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/MC6AHTCPP4KGD57DBPMSPC6VVZHYUJTLITOLZU7COF7VMIQ2RWMPJKZHTV4WEKLSPMBWV4OSRIFQKRMUBUR65FCG5O3UW7HK6TYMWBAVXXQGK65EO46WWHPBDCEDI6MMIOHRAE2BYPGRBNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTFQB2JO2RDXK67LGEMBMXXWVWKUIHYRJDRMOB7SXUQ4F6XHNAEXS6QTQ4FOT5D7UNBHC6F673EYABUY5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWKCG6WYPYUMKF4HPUF5XF2ENTCXFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 08:32:05 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 ev1
eb2.3lift.com/ Frame 7F16 37 B
139 B 24ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=adasia_allpublishers_desktop_300x250&aid=42972975451547897721560&rev=5d57158&pr=ZAhH-AANE1kKd7ORAAMIMKgsCCIIdE-oS-bcOg&bc=0.013&bmid=2460&biid=6335&sid=90892&brid=563620&adid=65815469&crid=9710657&ts=1678264312&bcud=13&ss=5&caid=0&unid=0&cepos=0&ceid=0&cb=26882
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:32:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F16 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuCAAnnumg8EwMd7Noz78m-rsh9Mf0yt1TRPy_cfSwLarLLQYD1QG7i92RbMBVi8xd4nQKZ4mjdfcKmTdp9wygjDdS&sig=Cg0ArKJSzB5KT6XrmVxLEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=0.69&if=1&vu=1&app=0&itpl=20&adk=1555566212&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678264313130&rpt=536&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 08:32:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ev
eb2.3lift.com/ Frame 7F16 37 B
139 B 25ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=adasia_allpublishers_desktop_300x250&aid=42972975451547897721560&rev=5d57158&pr=ZAhH-AANE1kKd7ORAAMIMKgsCCIIdE-oS-bcOg&bc=0.013&bmid=2460&biid=6335&sid=90892&brid=563620&adid=65815469&crid=9710657&ts=1678264312&bcud=13&ss=5&caid=0&unid=0&cepos=0&ceid=0&cb=20946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 08:32:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.anonyviet.com/	1970-01-20 19:47:04	Name: _ga_3BC4SCE7WS Value: GS1.1.1678264312.1.0.1678264312.0.0.0
.anonyviet.com/	1970-01-20 19:47:04	Name: _ga Value: GA1.2.2112452769.1678264313
.anonyviet.com/	1970-01-20 10:12:30	Name: _gid Value: GA1.2.480850209.1678264313
.anonyviet.com/	1970-01-20 10:11:04	Name: _gat Value: 1
.anonyviet.com/	1970-01-20 19:32:40	Name: __gads Value: ID=397f6e8d981f9038:T=1678264312:S=ALNI_MaA6C1OhneARynHevk8dsz_G_tXHw
.anonyviet.com/	1970-01-20 19:32:40	Name: __gpi Value: UID=00000bc2674e4a1b:T=1678264312:RT=1678264312:S=ALNI_MZ_l5NvB854Y-sEqH0pJ6_yacKt8g
.openx.net/	1970-01-20 18:56:40	Name: i Value: 09390f75-6496-429e-ac37-d80392e23608\|1678264313
.criteo.com/	1970-01-20 19:32:40	Name: uid Value: f712d697-d669-4404-8e14-de6f0585bbd7
.3lift.com/	1970-01-20 12:20:40	Name: tluid Value: 2218822600144605325985
.doubleclick.net/	1970-01-20 19:32:40	Name: IDE Value: AHWqTUnnKn37rSLHiMQLBCZz2C86x7MnjUdjSleDftY1XUYSA4eZoXs3b8c8Ie93DnY
.doubleclick.net/	1970-01-20 10:11:07	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 18:56:44	Name: b Value: 640847FA4FBCA2DFA6AAA907BLIS
.mathtag.com/	1970-01-20 19:36:59	Name: uuid Value: 91fb6408-47fa-4900-898c-3c61a23c087f
.mathtag.com/	1970-01-20 10:54:16	Name: mt_mop Value: 4:1678264314
.turn.com/	1970-01-20 14:30:16	Name: uid Value: 2661471712884186123
.bidswitch.net/	1970-01-20 18:56:40	Name: tuuid Value: 58fda6f2-d323-4bf2-bbe0-bbde0e4a000b
.bidswitch.net/	1970-01-20 18:56:40	Name: c Value: 1678264314
.bidswitch.net/	1970-01-20 18:56:40	Name: tuuid_lu Value: 1678264314
.casalemedia.com/	1970-01-20 18:56:40	Name: CMID Value: ZAhH.gykg93pfqobQWUk8QAA
.casalemedia.com/	1970-01-20 12:20:40	Name: CMPS Value: 2228
.casalemedia.com/	1970-01-20 12:20:40	Name: CMPRO Value: 2228
.anonyviet.com/	1970-01-20 19:32:40	Name: cto_bundle Value: sy_AEl9wUklNZ1E1dER4WFAzU1ZHa3glMkI4SlZEV0RCNk1YcjBtbGpmaDdPMVpWWUFvU2ZnSHlSbUZIbnNTY1FsSDlMT1pvRkpwT0NRVGNib1p1d240alBiUG8zdllOQmJOc1dXNmdCMk43d1ZkYTFNMjM3SEZNRzhndVlzZU1CM2syZDBUJTJGeUM3UlZLR28lMkJHUWt0Sm83UnZSWlElM0QlM0Q
.bidswitch.net/	1970-01-20 10:11:04	Name: google_push Value: Aa02lx_KWvTx15GHfZJGJUjb4i_zblg5ImCzKrcS-LSYa-h7gsJztnlmYgA_OepOw1vAs1-tLCS3h5Mypnxqr4kOTzdLNoCEiFw-dgA
.simpli.fi/	1970-01-20 18:58:06	Name: suid Value: 918BBDDC1D0843BFA444EB3BF2D62EC8
.adform.net/	1970-01-20 10:55:42	Name: C Value: 1
.tribalfusion.com/	1970-01-20 12:20:40	Name: ANON_ID Value: alnseFtZdPuem7SpBnA8ogK0bJoM7ZblD5oQZbavqWboUUBIGMrulrZdMPbZcFQBH1RfUgn4BIIXjLKVY3U8ZadIxW
.adform.net/	1970-01-20 11:37:28	Name: uid Value: 4275132708999563403

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://anonyviet.com/wp-content/themes/jnews/css/chuyen-huong.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-2642640466336649&fa=1&ifi=9&uci=a!9&btvi=4&xpc=dLms9SzQm8&p=https%3A//anonyviet.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31fc7ad8c02c85727a3eb2c08fc219be.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webpushr.com
anonyviet.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
bot.webpushr.com
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.webpushr.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.3lift.com
id5-sync.com
images.dmca.com
marketingplatform.google.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
widgets.outbrain.com
widgets.zemanta.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zem.outbrainimg.com
142.250.180.198
142.250.186.130
151.101.130.132
151.139.128.10
157.230.100.179
162.19.138.116
167.172.175.225
167.71.54.9
178.250.1.11
18.185.173.185
18.66.97.36
185.29.134.244
185.80.39.216
199.232.18.132
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.227.153.223
23.35.209.30
23.35.237.86
2600:9000:2250:e600:a:e047:752:b361
2606:4700:10::6816:3556
2606:4700:3030::ac43:8c4d
2606:4700::6810:3865
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:acf
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9d
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::200e
2a02:2638:3::3
2a02:2638::1c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::485
3.64.167.250
34.102.146.192
34.120.135.53
34.160.236.64
34.96.105.8
35.204.74.118
35.227.252.103
35.244.159.8
37.157.4.23
52.222.139.35
52.223.40.198
52.50.248.190
76.223.111.18
00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05c4c5e3b032ecb2b1c572f3bceb7295500482280315dd77c33df7a27e78d460
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1037b86726d75746e484fc71deba07e385af13ebc9fc0d87806e6b68271e2c30
1490aad284b9af37c925810fe6cad4bf2b972ffbf906462c0e391d3218bd1224
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
28b48599f70697062736ea3a1ba1615648de56246ed31a5de2af29885ccd88d2
28c926f1275b729eedf81bb869082a2715898ae82a25fd4da8e8ba2104d7e63f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2db9f73aadc19fc7a482d18f2ad3626268a76237e4d64f07d46214ca3fed20d6
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224
3fb15fb7492e5ad3fdd512293b3284f9a3fbfebdfad1f253e2891a288d6ba7d0
40a7601282c7b3e6b5b0f0413199a813f9e9333e7e8791363ddea982747ed856
423ac0d177cdc8239da4ec1baa26a380f4b43141f749f2a75a6d079bc3ef27a6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45f768f0645b03e75c61604c9d8cd684b9ad27a59fea01c8e6d5183c003925b8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a5d1b4499ef41d56003fe3e16d4c52330df01b1d41c225a5043c371d359bf9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
48b2d240737cceb970b7b3ef8b86aef31f321c9d51f0af1fa1f4c68544e5d498
49bb365f5d56fc4d77739e2f67e5b6e78f75077adabe86a4ee4fa844e9720721
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548bbadf154ec47e52b1050b83e2899a75b4902e178a90bb38e8d621a9e22a06
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
5706d2c26d70d4732ce11818b66d9e07b524b3151c115e9834c17275891ef7fe
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5b9d993214b34e5c5f6c6f5d273bf1d600d21f37cd8fa3d2c4cc19ef0af96044
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
5f98c35f7aa96d2853c689cf6547aa9bfc700cab9693a30c98ba9f275dd61ac2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f65ffb477798fa5c43f612569ca418f3768d11bcf083c48684d50c0e3983d0
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
664e73c5179ee5b5bd9bc25d38f940db171a99015670d017a8049898c4086382
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
68dbd69350f68eda44680a79b4f8e24d8f8b9218bccafa9749f2c1911ff352fa
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6bbe94a691a7444bc65779ac2f9cecbdac43a35fafc7db164187412c818b2c79
6c3a243888bcab4081eed3ced9d82ac05f778de88d1b8a7b698011f55772f47e
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
709665667acf84fa3fc279f9227b349f6786127f13cf15ceb7fdae7bc47db38e
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81b08e1a4df373f382931550b1700ff5820a741fb9741b9fefb6fa9df3c6b30e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9
8a5d0e9eb548299980ec962ed34068013e54c3ccc4b4b29190ec8068c0fc9601
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93ff621ac7fa5d46c69366b0e695c90c06ac8c01cc280a99dd64515aa33e433b
95caf0d928e9ac5f611390c8827d0e93c095116cf90cca254c6eeac3058c2a03
96e6c17750959ad07d14787e73509692be230928accc68fb6e1cd63e9360c350
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8b6332c7602c339807b3e262c29b0acb00fc308ef2f6d9636ba5ab41a380540
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af209aa7494525be2b331227ec57fbe731749a484662424fb28072badbf4b61d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
bacbbc585275032e9c612473e00d2072bb1815f8b45717dfcfc6487e6d1b5482
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc57fa080ddff449bf9688de3151827a8b98d67669b23798e31520befe4e7332
bf6e4bba0b899b524b548bf23c41019c1aa61cf3fed996bebc1049eaf5cec405
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cae70f7f613213bdc11271cda588e057abc99c8d7b45c33699631707a771ee71
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d1919eaa9a8c784fd55dd273fe1d5f1be8e5286b2f23ed5773bffea4fab74b4c
d278a77dc164d9eb3deb489db56077f6c912e96d7d8a70e3f6e689c8e23adb21
d3fe40ef9a202db16183076b4fc07b5b5ae7ecd5830814f7db93b0031be4828d
d5d2ea2d47c3b3f850beb6f9461fb4827e512f91ba5efb19715f350979a39cc3
d978f321eccbc1abc8ecb97e525855c6950f8feda06ec0ad6d7d7b0e03933d4f
dc83418b8007928f670603b01c80c22f60f7b282e1a415cde65c5f9d7d264aab
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e162d0bd095b76aa5b05015ff5f9b919cb988d44395d20fb80ae21dd61e9bf4b
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e236160f2257ea6423374399957f56886bfa05bc0eec543ea1d978c7a9ecaba7
e2ac0c300cb6d56d95595853c2ade73359dcc18dacb24782c539213934ff7b1c
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ea3f3023104b5f4fff7c92e90cdcc12c9369f6a9984d34b36b67e82b93852ba1
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
eeee178c2c744742504a107a69ac6850f3bdd38b6e91785d45ffaa88b5260e22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a3dfb85adaef242c85d85c13609b23807ad8c0c96d12044edccefceffaa763
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f516ad758b25f4d1c6c8bf43604339460415462fda70479de7ca2e56f654079c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f73b32958219302340ffe65b86a891c0d5b6554a28382e3b4a3ab2f7cb9b184e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7d8448242cefe7f9f68008d73cd8a07bcc79d419d7127f21caf1f5a2f99496a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f96c7c4331380ce0165946578fa425c0c67ccd2500dc41644b6fe6905e75a80a
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
feb53de7103cfe17c2e2a4468dfd1c7c54250b52f433f033b16f1dc89e4d5de5
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

anonyviet.com Open in urlscan Pro 2606:4700:3030::ac43:8c4d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

231 Requests

92 %HTTPS

52 %IPv6

41 Domains

65 Subdomains

57 IPs

10 Countries

2956 kBTransfer

7786 kBSize

27 Cookies

20 Outgoing links

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

anonyviet.com Open in urlscan Pro
2606:4700:3030::ac43:8c4d Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

92 %
HTTPS

52 %
IPv6

41
Domains

65
Subdomains

57
IPs

10
Countries

2956 kB
Transfer

7786 kB
Size

27
Cookies

231 HTTP transactions
7 data transactions