ads.giaitriwin79.us Open in urlscan Pro
172.67.180.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ads.giaitriwin79.us/
Submission: On June 21 via api (June 21st 2024, 4:18:37 pm UTC) from US — Scanned from US

Summary HTTP 152 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 152 HTTP transactions. The main IP is 172.67.180.80, located in United States and belongs to CLOUDFLARENET, US. The main domain is ads.giaitriwin79.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 26th 2023. Valid for: a year.

This is the only time ads.giaitriwin79.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
109	172.67.180.80 172.67.180.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	23.48.224.16 23.48.224.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
16	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	23.34.59.10 23.34.59.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
152	12

109 172.67.180.80 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.giaitriwin79.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.224.16 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-16.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.34.59.10 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-10.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
109	giaitriwin79.us ads.giaitriwin79.us	5 MB
20	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	13 KB
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	100 KB
3	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5540 api.livechatinc.com — Cisco Umbrella Rank: 5088	30 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	178 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
0	closwbay9bak.org Failed ipv4.closwbay9bak.org Failed ipv6.closwbay9bak.org Failed
152	9

	Domain	Requested by
109	ads.giaitriwin79.us	ads.giaitriwin79.us
20	www.facebook.com	ads.giaitriwin79.us
11	connect.facebook.net	ads.giaitriwin79.us connect.facebook.net
2	api.livechatinc.com	cdn.livechatinc.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	ads.giaitriwin79.us www.googletagmanager.com
1	cdn.livechatinc.com	ads.giaitriwin79.us
1	cdnjs.cloudflare.com	ads.giaitriwin79.us
1	fonts.googleapis.com	ads.giaitriwin79.us
0	ipv6.closwbay9bak.org Failed	ads.giaitriwin79.us
0	ipv4.closwbay9bak.org Failed	ads.giaitriwin79.us
152	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
play.win79d.com
1.1.1.1
i.win79.fun
www.google.com

Subject Issuer	Validity	Valid
giaitriwin79.us Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ads.giaitriwin79.us/
Frame ID: 7A2A6E66E693ABA1BCDD66AD177F731A
Requests: 152 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win79 - Game bài đổi thưởng vượt thời đại và đẳng cấp

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

152
Requests

98 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

5579 kB
Transfer

6983 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/win79gamebaihiendai

Search URL Search Domain Scan URL

URL: https://t.me/win79_gamebaihiendai

Search URL Search Domain Scan URL

URL: https://play.win79d.com/
Title: Bạn đã có tài khoản? Chơi ngay

Search URL Search Domain Scan URL

URL: https://1.1.1.1/

Search URL Search Domain Scan URL

URL: https://i.win79.fun/
Title: Bạn đã có tài khoản? Chơi ngay

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https://win79.org/&sa=D&source=editors&ust=1684347077872733&usg=AOvVaw0oS39mpygcmGNFfe0YHusC
Title: Win79

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

152 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ads.giaitriwin79.us/ 81 KB
17 KB 369ms
312ms Document
text/html 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.22
Resource Hash: 37ac9dff411f56a2b147b6c38bfed00044c6d9d4596faa74a6eaf1f986315e6d

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 897550917d02b3c7-MIA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 21 Jun 2024 16:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8apEdU18C5u%2BFSt%2FBLLGL%2B7C3X4vyjxHV8Xv3edyV89SNaPbJN%2B1ZJIUoLVEuAmVagkzj%2BgkC4d%2Fab1bjOA%2Br1NOq9zce%2FFi1hRd3aBNwf8IIhdiApCp6QMr5%2FRQkn7fCAEXqguY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.22

GET
H3 200 bg-form.png
ads.giaitriwin79.us/images/ 46 KB
46 KB 317ms
315ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-form.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f92fe915b0ca1a1b6143c84826f4d2e7e184dc3dd8f91c9c8f4e5d8fa887b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 08 May 2023 12:49:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6458efeb-b6f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDUVCeZrpWafqX0sUm8SNAYmRofaTtiQCsP%2FdH%2BI6eoO8nk6mSKIA%2B%2F6SoLnKLOjvQdCKmWZCi0rw%2BXu2mW2I7agN3Ytsfj736g7X%2FfihO%2BiAR6PoQ1dTySPeGHWAP9l6pEp3wTH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550936f75b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 46840

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 216ms
81ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d68c87dd14a6d930bcf636725c453c33490c083be547441149fd263be8caf2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 16:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 16:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 16:18:29 GMT

GET
H3 200 bootstrap.min.css
ads.giaitriwin79.us/vendor/bootstrap/css/ 150 KB
25 KB 1026ms
1025ms Stylesheet
text/css 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"644307fd-2565e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Za%2BEks8g4PPdSZ7JYjxJJSOK8qpdom3yF2tPAAvHdJej8kEmvCeWmfjh8JA6ucwg4Sz8%2F8VMNBmPSTZf7YCuhpwNEyC8S7JzUj9fy9TiOI61SYd%2BdJVolXWrAzeWyg8NxMSxtqcv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 897550937f77b3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.min.css
ads.giaitriwin79.us/vendor/fontawesome-free/css/ 55 KB
13 KB 1331ms
1330ms Stylesheet
text/css 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/vendor/fontawesome-free/css/all.min.css
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"644307fd-da9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNRY8Jq3PdRPg54LxmNulKXliSOX4dg9KAUBL3bNEqVFVmea7Jl5cUylkZ%2BQoCDW8dLHZSFi35m9vMesMNDQcoNJRUPZdPL2Dp4gs%2FgMhLx8ClpG0UVntOL2smUTHhk8Ir2SJpm%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 897550937f7ab3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.min.css
ads.giaitriwin79.us/build/ 51 KB
13 KB 346ms
345ms Stylesheet
text/css 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3495ce79b5fb295feccdc9a2446e7062fbb4741f13b6bf81cee6f7fd3460bbde

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:29 GMT
content-encoding: zstd
cf-cache-status: REVALIDATED
last-modified: Mon, 20 May 2024 04:54:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664ad793-cd65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9pSMovhvfKWptaF6RWa6Bt63sVeZ%2FpAuRzy9bsl4R3z65zbgo6YiidsyplI4qxyTlsI1auF28Kupy%2BazsCrsVEeTKptkkYXsAiPHKPDRCTt5uMearkn%2Fvfb8I4LC1wza3GS6Cmz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 897550937f7bb3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apphd.min.js Show response
ads.giaitriwin79.us/build/ 85 KB
32 KB 1080ms
1080ms Script
application/javascript 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/build/apphd.min.js?v=1.0.0
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34b55cf2da67a1b940191ee2f5bf5540ac4c2098770189f62dd7a4b585f1cb9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: zstd
cf-cache-status: REVALIDATED
last-modified: Sat, 14 Oct 2023 18:42:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652ae119-15544"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75OLSVKXCpq24OvzXQba7gDDcEJjL97HV1Uf2%2FUWGdU%2F9tWrww66COB6pthNd%2B51ndjdahnKrMMH7neGkXp%2FX7ltym0QoomZS077CcLTZmh%2BAHh9sRiyCeHpPMOxgny1R%2F2Wr4Uh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 897550937f7cb3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat-lazy.png
ads.giaitriwin79.us/images/ 104 B
562 B 314ms
313ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/chat-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b242c7a9ad57fb755c38125c12585952d56bc074df78dbb90e1f007653b30e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ei5ZxwTI1mNTo7%2BhVbbnJZWjEQXVK9hxaj4bpsLQ3V5%2F6OpsVh66K26MZNYk6oP%2Foj6BA79K3aFqKo%2FKnaZ7idc52qU3gwCs2mZ%2BHVJbOVL%2BDsbhn0ZcKxOYnQ5QZ7A65opdFge"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550937f7db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 104

GET
H3 200 logo-lazy.png
ads.giaitriwin79.us/images/ 111 B
565 B 390ms
390ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/logo-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91a208d3fec58fc18e388e457a420ffcf89a59f973179ef1b4611ac9d323c93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lo9S959ZmmFAkQ6ueQLyi21zgYS5Y6zlXUBdIEf2jyc4JFFY1SydHq1hzfUSAo%2BTIEYKgietoQ4bzrzE3n7Xpnp69MdaGfgWKyfxbNGzOp%2BkXLfpX8PdHYQPo7EkGRvbZxEnMMk7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550937f7eb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 111

GET
H3 200 winner-rank1.png
ads.giaitriwin79.us/images/ 9 KB
10 KB 1053ms
1052ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank1.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c1c252fcd00278cbd173da5e4eee885dcd9440c7e6266a3ec4a742766dceb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-2589"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BHMvhF3zCyCXFmgPRahDjntRKhXv%2BHkce799BYRhr6M1aN3ldXSQdR30R6jXM0C%2B9WihuVwWFvq4Rz3SxAlWHL0ltlX0pxGfU90Mnykk0%2Ffa1Sq5uf1GH3x8JiSIJUoMv32Dp3R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550956a06b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9609

GET
H3 200 money.png
ads.giaitriwin79.us/images/ 971 B
1 KB 1901ms
1900ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/money.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1dc5fda0e36647679239e9313fde121d0d2d579977c119e2303b93c30b1650c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-3cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUmyyKMhfoMZrOZ2eW6jcELbSByLCqPsyM%2Bs9rfq%2FFUC74vkAPuxpDq8BI8TxZUI6abkeScKvO9mtnNVd97ZJbi2cfxQOEoF%2FQZU8a%2BzUcW%2BjO6RmcCDgbyxzDd4Bh7u98r4zVU0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda06b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 971

GET
H3 200 winner-rank2.png
ads.giaitriwin79.us/images/ 9 KB
9 KB 339ms
337ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank2.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3979d3ebdaa4217084c8174c3b597680909725abc95b48910ac6b85e03e64ef0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-23b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlJkUK29OfPRJ0MW3cA6Q08gXZ46JqbzAGcUEsGEm2A%2BYD6ywBg09CzrRGGMI7vH5tT7tECRwN%2Fp5tBfQYjxJHQetvSnCFGMP%2BSlwTw2uYHtBblhZ76e55YGtmDSamDBkRYbY2J1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda09b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9145

GET
H3 200 winner-rank3.png
ads.giaitriwin79.us/images/ 7 KB
7 KB 308ms
305ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank3.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f8bca009029e0b31456ebcddb570e07c2fdc491378442fe81c1894d8b8102a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-1b0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJ3vU31mvOPhxzo7T9aW03zf3i88waYy7zLdCwoeAAk%2B1%2BxXpuUYHrGYDUNLUrwIoXAwYOg903AB4wSFYgEy5cwDNtuc0i6GZgWE6L1zZX6qwJNSCLfKxPXVQepvsu5DjeUfWDWy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda0db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6922

GET slogan-lazy.png
ads.giaitriwin79.us/images/ 0
0

GET
H3 200 btn-dl-lazy.png
ads.giaitriwin79.us/images/ 112 B
564 B 1063ms
1057ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dl-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e856597b4ded91aaa28c09a6a1863e7c17ac275708bebbc1e98d1e6205caeb6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BAX9Y7eHpbMkEbfAAY6bpDq9LQk7y5OSQDeYCwSuPhoI8PN8Km36iEUYWojNDj3av7Jkek0tyGWVEwOTEORRMlhJMbaJnq0NDY60WKjsL%2FDNiidqL4yJsuvkLfHMVaQqA94Hatt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda10b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 112

GET
H3 200 vuottuonglua-lazy.png
ads.giaitriwin79.us/images/ 104 B
560 B 1052ms
1046ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/vuottuonglua-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd570a2c872302de5f9797491b03634a2bca24b197e8f5cc4907db2cf3c06fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8jD9mF80dXi2%2FE0ofvWpjBHtylwpdaCuoc8u2%2Fj%2FHLmPy7SRrEvLjMT4uu%2FkB%2FVpfTMi%2FqVa83SgpJvGQCt0%2FIsB%2BDD4KO7QcX2y4WT77v42oJBTSLRXXn0LKcNUGrBoBWWGKBB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea15b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 104

GET
H3 200 btn-main-lazy.png
ads.giaitriwin79.us/images/ 123 B
572 B 303ms
297ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-main-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40dc19cf2511b2a3cb700642e9fe12f87176b3a773478a762d0323b7be36c39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoWnYJZBFS72TauJUbH81iFScSEDxiPbtXq0mT2YzAqPAjVaA%2B86JchJMMqRwLuhZ3Gmx2TXyJaCNrdYkkFe9rdNA%2B5A18oHz3teruhYoeUZ%2Bdxf7ySd7xHu6I%2F1ein3TBRLjX7T"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea17b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 123

GET
H3 200 rank-lazy.png
ads.giaitriwin79.us/images/ 118 B
567 B 312ms
306ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/rank-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981a5f550ed9f2f2fb3c26c9d11e071ff9b08a6a837cb8d95203da56ae45a1d7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IW2eO9JW9nb9Bh7NESm348I8jeNB6V330t3p3Avmd5eVIDDGSl%2BF7IDmTqFFzaUkPZnfCdwTOBkt7adouYYAzgMvVO7gqX7uCRQuOKQ%2F5wScICo%2B1weFB8aayQBjFtBBDeSvYKC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea1ab3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 118

GET
H3 200 tab-active-lazy.png
ads.giaitriwin79.us/images/ 111 B
562 B 348ms
342ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/tab-active-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec28ff4890a98a2c1eb854ed9ec27038d413489b905936d95ff02559058f5e20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnV4OvPT0E0WrZH%2F1Cu1I3EIB7OiVuU7ebtzJZRtfm%2BpROYvOfAKPjO470jGpxBwtXBFcf65ijjNIDBuV9qtyjpX9O%2F4XJlcq0FURCDfMOKncEwxBEVuGnzvzw0xBF8hxX%2B7M1lQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea1db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 111

GET
H3 200 icon-lazy.png
ads.giaitriwin79.us/images/ 2 KB
2 KB 1056ms
1050ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/icon-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0aed86436c0439f8d534d2ae8dcc6c7169d343aee95297ad1ee0a09288ba6c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-675"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARd162qdgYIa31szdmQukJbdVUzBI0FnFZEjX2XR26KKLGO1ZCiuY%2FVNF3ACNm27gcn6R2ZiBUvV6Xp7hKgpk3p6vDRpq3qso1wTyHc9o%2FbxpoYc%2BRP8LhhkoACZhjULy8hAS8t2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea1eb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1653

GET
H3 200 btn-dkdn-lazy.png
ads.giaitriwin79.us/images/ 114 B
564 B 1166ms
1160ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dkdn-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a26a33349b41a904e2b7368f4dcf43b5eb7c6f542add82090cb4c0ecf620c33

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxAXBcv5dNKWJCPWepj6YlAEctDbdqEfKEm2ftsddEylHGYWDXN6ob5c1oAo4XI828B4qSOIadO6xbEdNcbQftVQUibLRIZPyIv4PWaHM0MlXWA22VZgT3HWoTrEn7eYAyIVB4ZF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea20b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 114

GET
H3 200 adv-lazy.png
ads.giaitriwin79.us/images/ 146 B
607 B 338ms
332ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/adv-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29fc54a07056fddf42f7c9062597cd82a3fc7089d5ef14e421a398e6af20ffc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eh3qUAyumv%2F9leDjYPDscxTYRisHavtDE1RmOCXFfUELX%2B%2Bl57Qi7fJkwrBbVD514AabIOd%2F2KjyA%2FOLtoZaOKBJv9%2BDVAxo6l8IQEu95WEPT%2BgV2H6FTl7qppp1kJW1IZjgLS3P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea22b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 146

GET
H3 200 btn-dl-lazy-v2.png
ads.giaitriwin79.us/images/ 102 B
549 B 1250ms
1244ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dl-lazy-v2.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5fe0c96abadf23fc4c637edfa2a5096938640246acd60455083e59c422b9bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nM8VroWImOE%2BW1HAzpWwBR9YEW1taIMkey7howlpVRNWYJfiy3h8TAxItWAzzaFTZ1tG8G7jSZlDitj6O2cRZgroN4T4GrC%2BCr7iDkXioq2ZDX1eRKaSpx6nHFr3WuuBO6PtybYP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea25b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 102

GET
H3 200 loading.gif
ads.giaitriwin79.us/images/ 2 KB
2 KB 305ms
299ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/loading.gif
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-663"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61%2B32RSQudN9Try2m31SPhZfuiaOfzybDods0vPLE64tp5hry5mUA5zVakWX4QyE7nLmzhAWCZUju1%2BdpBtSeQAt%2Fv3GVWE46RAiE1PzUc%2BHKfu2CgPtgulE3oeEp9Vh3e%2BhdgdV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea27b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1635

GET
H3 200 close-about-lazy.png
ads.giaitriwin79.us/images/ 98 B
552 B 1154ms
1148ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/close-about-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47efdd1f42293f62d9fcca3d1d3cec1b3a264ee6db92741b7918712942f7e6a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43D0KNU735DMEfepw%2Bk5KOAfCc%2BuqgYfoMsn1bba2cqZEAfE7GmShl4hSlySjP%2BQsjYcPjcXddEV6JbFMII%2FTHJVU4xSe3Ta6%2ByZD8xFgfwTVgZTlNi9uADwQCKnMwoWXCZ%2FKGY0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea29b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 98

GET
H3 200 image4.jpg
ads.giaitriwin79.us/images/ 71 KB
72 KB 504ms
499ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image4.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccbb9672b85650b223cc2461fffa2dbb003bd9c448cd3d6380125016b5879c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-11d64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfGrEeH9woSqRJLmRWIW2YGWtIyeumQsxowFd0vlxgJO4olVR%2B%2FK11GxieuMwKsSZF5KKq5GZFYmjnxuTYlhBU1JhvwBjQhhG4Shmn8B3tuuY%2BjEQrXZrfq2DBBxf9ZDn%2FyvSAam"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea2bb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 73060

GET
H3 200 image9.jpg
ads.giaitriwin79.us/images/ 138 KB
139 KB 602ms
597ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image9.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5973fb6f8ebb71dea93a9147d822549a4850acc42a3469c75ab4fedd6496b983

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-229e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKObt0ljatyksekw0v%2BQ4%2FC9PQesQu9U9fUNfdczyBOmG6t9woj4cw4XGYb%2FHIVgwZQT%2FxgSDwNuPZexZ1VwCEIKuvZQXLMeLyP4NNId%2FYICtzsvH1PqTOaYhP%2FbAf%2BkXS2R6R7%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea2eb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 141800

GET
H3 200 image2.jpg
ads.giaitriwin79.us/images/ 41 KB
41 KB 397ms
392ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image2.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e96c634ad1e5f3a500654e0b9578f714da806c8ac04f5214fcd69aed488b99d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-a227"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUWnyv6GJNE3Q1bqwos5cXUc1Gjwe40aujZK3jr7pJg9kpPKkm4kaD9vBM6onJTKD3prSU0aBboMAnlNe2Gr99nnR%2BqNEjsB6Lk9CHsAxUTYsraFJOKOPVxX3gLXJAVsAUe%2BC0V9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea2fb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 41511

GET
H3 200 image6.jpg
ads.giaitriwin79.us/images/ 117 KB
117 KB 1319ms
1315ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image6.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234a3218807b3343b10bcefc9e8807811b2f4afc4073f6a7b6ae962ddc233945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-1d21f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0PVJYI3mcp3dRugJvdwbJHZ7GL60teaoeveikeMKIzFoumhq1P229WvEUwKngnVhoE4HfTSpEoTbfz1oUyULro1S9xeTSCAXGT6g2IwB%2BEhZu82iYjS9msJqzih2iaZrY3MAxDH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea30b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 119327

GET
H3 200 image7.jpg
ads.giaitriwin79.us/images/ 65 KB
65 KB 1091ms
1086ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image7.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35af097fde4ea4bb3f29cf4404dbca9c8442e553fe75d9545958a9be3b7bfd54

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-1030b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2Bqp9JSU%2BX%2F7t2p33dNRHWZ1HH4ID5GZCtLXqVOK1A%2B9I04jl5M61QHE8AvvatUa1IAUqVuqQwSNGizHAwJcjt0bGBdQLwHzLi8lR3ntw7leXRiGQcUHNvAzXmNY6bQA3IAg%2FEmz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea31b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 66315

GET
H3 200 image1.jpg
ads.giaitriwin79.us/images/ 42 KB
42 KB 2666ms
2662ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image1.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c71624af566f3245d2ecde15a84d3fb8fe842c0a3a1928960d41e2aef024c16

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:33 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-a749"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eu7TZ8cRpBzNKJFfVWOz%2Fwq0FgBZ1K5xOGafIOn55i0RFf0wscugUY9DixoLHUN4c4tsk8Hbo%2F1svS3z0hsIWoGX00U6JqJ69whlhKqfrlxFnwabs6TsegdxUiUSB9kHsna5gInB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea32b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 42825

GET
H3 200 image5.jpg
ads.giaitriwin79.us/images/ 56 KB
56 KB 346ms
342ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image5.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c49238df46e4cd4701491d1f1d97c5db48d86bf6d5dc409d3abea86cf2f664

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-df55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zlwdtrXqYSMLGkvF1XK72c36Kukgokl8r5kFFa5pq%2BGQyJa5aeen2EZL7hf0oOdtPQ4SVCNZbxluXbuSnSRQyxVlISoBA3vQN%2BCy%2FvrjST6QXedJ1mEN7jek%2BY55Cx1NV%2FkHpwi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea33b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 57173

GET
H3 200 image8.jpg
ads.giaitriwin79.us/images/ 40 KB
40 KB 408ms
404ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image8.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fa668e52f79d008d43cf98f8c14b6c95d8a1b7a2cf0db0a011936b9a093c1e5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-9e5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kEksANh%2BNZs3Aq%2FVr39iwgaNcvIS6QDN7Qnfn9L%2B0gRmZOjFbwrONiXH8ZY3ARSMlQCC9jucFh22C%2F4qssSqyF32XmdHMdrWEmPPGNYfFaeWgbhWp%2FH50JYPHCJ3U4BRPTpFlNu4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea34b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 40542

GET
H3 200 image3.jpg
ads.giaitriwin79.us/images/ 75 KB
75 KB 1168ms
1164ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image3.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f091e1d441288ecb2e4751e9b263bc552df511fc3405d3439b93d3b4b29ddbff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtnrxBChGjD4sFby7DgQDJBgvzN5r3UdGiNHgy%2BjaLoQ5d6RLClA2by%2FCtHJqnymTbSluTZd0%2ByyCa7Ipo2mHq1NpRBMQvkaHkn9ZwkZFi3SVgZJUqJW44dLrHK2yDzW6tBaojO0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea35b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 76736

GET
H3 200 image10.jpg
ads.giaitriwin79.us/images/ 53 KB
53 KB 1214ms
1210ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/image10.jpg
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e024ceb80aad75b72044fa250422849569484454f65d0dcfbe224defaef72641

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 17:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6465140a-d3ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrGm6UYFURbpYDfL1zjKBljEg8v7Ioe8NuyB1iRLhCtJEzew%2BVyeRKnUWu42qn1SSHgPbaQUJ7tYCAa2ZMleugHv7rt1npCEsVxGT2jrxCd1NYKmNJcxzj817wOdzgvGthm%2Bm8IK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea37b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 54271

GET
H3 200 app.min.js Show response
ads.giaitriwin79.us/build/ 307 KB
99 KB 1277ms
1277ms Script
application/javascript 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/build/app.min.js?v=1.9.88
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ed6848b795db8c2deb24a11c5e6bfecdd4ba181d27da87b0c30eb53143892d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Mon, 20 May 2024 04:54:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664ad793-4ca7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEeQVFptnuVFuFtWuDSAPQ06%2F99rOomXAe8WpcN4zXPHzUO3GRE3kJbM3N8UsjZYuf%2B0SqFjD%2FEnA%2B%2BIdvwcRe%2Fd3s0EZkub01pY62VOqJXQPmlqJC6VSm9qia6BextxL%2BjjeQPB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 897550962afdb3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.marquee.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jQuery.Marquee/1.5.0/ 6 KB
2 KB 80ms
40ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jQuery.Marquee/1.5.0/jquery.marquee.min.js

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b9b39ea61308052256b9921bf1c0de6698bcf0c04e3e4f2978adc86168ff6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 90259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1756
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-1718"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eM1wQPGECUGT3NUdKbiGTe5c1fV3FAcb%2Ffg1TuTz0HwX2qoZgLT3sx3ZkwPud4GD1i0kREVWEVnKqVGz9XHyyBUdJaXynsmqF3Z7Xt8jT5Oe7GCAOkWXBtEsnb27w7fe%2BoGNUTaW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8975509c1a3474c6-MIA
expires: Wed, 11 Jun 2025 16:18:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
75 KB 244ms
112ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N29R5DGQ

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c069d58fd7a01544c71d35093e8fc3f6d946a94490b10a39b16b7e4ca04d2f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76029
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 16:18:30 GMT

GET
H3 200 chat-lazy.png
ads.giaitriwin79.us/images/ 104 B
0 4ms
4ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/chat-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b242c7a9ad57fb755c38125c12585952d56bc074df78dbb90e1f007653b30e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ei5ZxwTI1mNTo7%2BhVbbnJZWjEQXVK9hxaj4bpsLQ3V5%2F6OpsVh66K26MZNYk6oP%2Foj6BA79K3aFqKo%2FKnaZ7idc52qU3gwCs2mZ%2BHVJbOVL%2BDsbhn0ZcKxOYnQ5QZ7A65opdFge"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550937f7db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 104

GET
H3 200 money.png
ads.giaitriwin79.us/images/ 971 B
0 1897ms
1896ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/money.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1dc5fda0e36647679239e9313fde121d0d2d579977c119e2303b93c30b1650c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-3cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUmyyKMhfoMZrOZ2eW6jcELbSByLCqPsyM%2Bs9rfq%2FFUC74vkAPuxpDq8BI8TxZUI6abkeScKvO9mtnNVd97ZJbi2cfxQOEoF%2FQZU8a%2BzUcW%2BjO6RmcCDgbyxzDd4Bh7u98r4zVU0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda06b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 971

GET
H3 200 winner-rank1.png
ads.giaitriwin79.us/images/ 9 KB
0 20ms
20ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank1.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c1c252fcd00278cbd173da5e4eee885dcd9440c7e6266a3ec4a742766dceb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-2589"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BHMvhF3zCyCXFmgPRahDjntRKhXv%2BHkce799BYRhr6M1aN3ldXSQdR30R6jXM0C%2B9WihuVwWFvq4Rz3SxAlWHL0ltlX0pxGfU90Mnykk0%2Ffa1Sq5uf1GH3x8JiSIJUoMv32Dp3R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550956a06b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9609

GET
H3 200 winner-rank2.png
ads.giaitriwin79.us/images/ 9 KB
0 335ms
335ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank2.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3979d3ebdaa4217084c8174c3b597680909725abc95b48910ac6b85e03e64ef0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-23b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlJkUK29OfPRJ0MW3cA6Q08gXZ46JqbzAGcUEsGEm2A%2BYD6ywBg09CzrRGGMI7vH5tT7tECRwN%2Fp5tBfQYjxJHQetvSnCFGMP%2BSlwTw2uYHtBblhZ76e55YGtmDSamDBkRYbY2J1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda09b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9145

GET
H3 200 winner-rank3.png
ads.giaitriwin79.us/images/ 7 KB
0 303ms
303ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank3.png?v=1.0.7
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f8bca009029e0b31456ebcddb570e07c2fdc491378442fe81c1894d8b8102a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-1b0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJ3vU31mvOPhxzo7T9aW03zf3i88waYy7zLdCwoeAAk%2B1%2BxXpuUYHrGYDUNLUrwIoXAwYOg903AB4wSFYgEy5cwDNtuc0i6GZgWE6L1zZX6qwJNSCLfKxPXVQepvsu5DjeUfWDWy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda0db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6922

GET
H3 200 btn-dl-lazy.png
ads.giaitriwin79.us/images/ 112 B
0 1058ms
1058ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dl-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e856597b4ded91aaa28c09a6a1863e7c17ac275708bebbc1e98d1e6205caeb6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BAX9Y7eHpbMkEbfAAY6bpDq9LQk7y5OSQDeYCwSuPhoI8PN8Km36iEUYWojNDj3av7Jkek0tyGWVEwOTEORRMlhJMbaJnq0NDY60WKjsL%2FDNiidqL4yJsuvkLfHMVaQqA94Hatt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bda10b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 112

GET
H3 200 btn-main-lazy.png
ads.giaitriwin79.us/images/ 123 B
0 300ms
300ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-main-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40dc19cf2511b2a3cb700642e9fe12f87176b3a773478a762d0323b7be36c39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoWnYJZBFS72TauJUbH81iFScSEDxiPbtXq0mT2YzAqPAjVaA%2B86JchJMMqRwLuhZ3Gmx2TXyJaCNrdYkkFe9rdNA%2B5A18oHz3teruhYoeUZ%2Bdxf7ySd7xHu6I%2F1ein3TBRLjX7T"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea17b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 123

GET
H3 200 icon-lazy.png
ads.giaitriwin79.us/images/ 2 KB
0 1052ms
1052ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/icon-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0aed86436c0439f8d534d2ae8dcc6c7169d343aee95297ad1ee0a09288ba6c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-675"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARd162qdgYIa31szdmQukJbdVUzBI0FnFZEjX2XR26KKLGO1ZCiuY%2FVNF3ACNm27gcn6R2ZiBUvV6Xp7hKgpk3p6vDRpq3qso1wTyHc9o%2FbxpoYc%2BRP8LhhkoACZhjULy8hAS8t2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea1eb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1653

GET
H3 200 adv-lazy.png
ads.giaitriwin79.us/images/ 146 B
0 335ms
335ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/adv-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29fc54a07056fddf42f7c9062597cd82a3fc7089d5ef14e421a398e6af20ffc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eh3qUAyumv%2F9leDjYPDscxTYRisHavtDE1RmOCXFfUELX%2B%2Bl57Qi7fJkwrBbVD514AabIOd%2F2KjyA%2FOLtoZaOKBJv9%2BDVAxo6l8IQEu95WEPT%2BgV2H6FTl7qppp1kJW1IZjgLS3P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea22b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 146

GET
H3 200 vuottuonglua-lazy.png
ads.giaitriwin79.us/images/ 104 B
0 1047ms
1047ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/vuottuonglua-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd570a2c872302de5f9797491b03634a2bca24b197e8f5cc4907db2cf3c06fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8jD9mF80dXi2%2FE0ofvWpjBHtylwpdaCuoc8u2%2Fj%2FHLmPy7SRrEvLjMT4uu%2FkB%2FVpfTMi%2FqVa83SgpJvGQCt0%2FIsB%2BDD4KO7QcX2y4WT77v42oJBTSLRXXn0LKcNUGrBoBWWGKBB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea15b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 104

GET
H3 200 close-about-lazy.png
ads.giaitriwin79.us/images/ 98 B
0 1151ms
1151ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/close-about-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47efdd1f42293f62d9fcca3d1d3cec1b3a264ee6db92741b7918712942f7e6a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43D0KNU735DMEfepw%2Bk5KOAfCc%2BuqgYfoMsn1bba2cqZEAfE7GmShl4hSlySjP%2BQsjYcPjcXddEV6JbFMII%2FTHJVU4xSe3Ta6%2ByZD8xFgfwTVgZTlNi9uADwQCKnMwoWXCZ%2FKGY0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea29b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 98

GET
H3 200 tab-active-lazy.png
ads.giaitriwin79.us/images/ 111 B
0 345ms
345ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/tab-active-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec28ff4890a98a2c1eb854ed9ec27038d413489b905936d95ff02559058f5e20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnV4OvPT0E0WrZH%2F1Cu1I3EIB7OiVuU7ebtzJZRtfm%2BpROYvOfAKPjO470jGpxBwtXBFcf65ijjNIDBuV9qtyjpX9O%2F4XJlcq0FURCDfMOKncEwxBEVuGnzvzw0xBF8hxX%2B7M1lQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea1db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 111

GET
H3 200 btn-dkdn-lazy.png
ads.giaitriwin79.us/images/ 114 B
0 1162ms
1162ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dkdn-lazy.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a26a33349b41a904e2b7368f4dcf43b5eb7c6f542add82090cb4c0ecf620c33

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxAXBcv5dNKWJCPWepj6YlAEctDbdqEfKEm2ftsddEylHGYWDXN6ob5c1oAo4XI828B4qSOIadO6xbEdNcbQftVQUibLRIZPyIv4PWaHM0MlXWA22VZgT3HWoTrEn7eYAyIVB4ZF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea20b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 114

GET
H3 200 bg-header2.png
ads.giaitriwin79.us/images/ 16 KB
17 KB 455ms
454ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-header2.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32efab3e613d54ba8a902582e4d9c71c427d40671d35b3e767b4d02c979ba74

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-416b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7hwgTYGiC1QfXNYmRmtHGMXWvFxfIaLiElyV%2B38k7qw21PFoT7wW7iJH%2FrDrBlqm3mN9d5TnoR%2F5E8jwXbIVJ0KA%2FrJgsSQMwYsCv4XmLWdllM6oZanbj6NjzDR6%2B7PeRb7nEc8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea38b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 16747

GET
H3 200 bg2.jpg
ads.giaitriwin79.us/images/ 64 KB
65 KB 1339ms
1338ms Image
image/jpeg 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg2.jpg?v=3.65.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920139bd32dda0f1e985189d3cba55cd3a0ffc471f230468c83f3f55c5e2a795

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2023 07:41:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65420144-10086"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FEHGldRO3R5NhmoVx8lJ3uTTeD3dr59FQfXoQkUjgwkyPNuZrg6q%2Bjbhw0ZuDstphu3km%2Bf64MY7R0duQvOHoAG2PVeOMUwAZ%2Bgc9DJsav4aYQeWHiux6v1VLO2PMy0zf3b0lnev"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea3bb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 65670

GET
H3 200 bg-hotmatch.png
ads.giaitriwin79.us/images/ 9 KB
9 KB 327ms
327ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-hotmatch.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58191e86807185aaf9aacff7f14f7bda665cc7c6b359a343a8ae20bc4b48425

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 May 2023 05:12:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645b27d7-23f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoT%2Bi3rN5DAH04r1zhYU3LnaP2f5Sx1KfztIOb0JOiBmxU7W2elesSDUzAgDDCamnPVINs%2BkFVFkbM%2BEamu%2BkoZ4IEMJQMq78HX4qMajuP1pyIPUAq%2F%2Bo9Ji81ZpIEDWp3X4%2FFMk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea3cb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9207

GET
H3 200 loa.png
ads.giaitriwin79.us/images/ 3 KB
4 KB 1295ms
1295ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/loa.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95436f7767d00183b0ad333c2886d86116f46a2c089346295fc5f1cbde9d7fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 May 2023 05:12:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645b27d7-cee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6BQJOdIWuwtFsLfuXP0MBNZH8Igrx9t79r7cj8d%2F6rzwERtQeiCYg2e8g%2FcOG2%2B%2B8%2B7gkvE%2FU1LHFf%2BpRq6l1qkq0qCP%2BcUwBPeIpGw%2BdIFgRuP%2BVGb5OAHVec5LSmxCdBlufuQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea3db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 3310

GET
H3 200 bg-same.png
ads.giaitriwin79.us/images/ 251 B
709 B 1062ms
1062ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-same.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075aa3958cf5201a738a711338ff0e2b6304e08c804c669b5b759e00184f71e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPUV3vZQLf6ZV%2FpMylAaKYg8u2NoVP%2BdwOLexyGFWf7lznVDndcIaV%2FMQ40oyMcGvHyjmkciwVQUxyuMd1umZl8gYzT21VBjUpr4JEQN3RvHXmbdw2qHNK76YvpE790%2FOJ%2FukH0i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea3eb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 251

GET
H3 200 winner.png
ads.giaitriwin79.us/images/ 39 KB
40 KB 521ms
521ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772176209d43c449df429e107b27e22a3b11e627562de92d79d859c64a6c7225

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-9d1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHvf9htwXEAwuWsYBbC38NdBIrxv4mdrXSlTWJpZg%2Fb1zls3Q59WYBlG0nZulBXdcSxLyzn6Sk7gNuqd%2BLVsKrsUtBuEM4wgOhN9UKyOCctJ1mp3DZUOGRuBJwULT89sgM7EhCLm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea40b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 40220

GET
H3 200 bg-moneyx.png
ads.giaitriwin79.us/images/ 52 KB
53 KB 303ms
303ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-moneyx.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad2b8011f959f9f083ba5d7e778fdfdd3fbb6c62c0040675be08d9793fd98630

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-d13e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lptAJ2ttT%2FMBKOMsXs1vFPmkffLDF%2FHtSn2RfVau8qMEJGmqGtSgQrVtuQAVf%2BRsa4Ljip0M6Rp3ZVXIIbHxfWhPWiZV2GsH8njKRIeoSXOdZ678p69OTQRXfOb8KibTi4hdqYC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea41b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 53566

GET
H3 200 racing.png
ads.giaitriwin79.us/images/ 39 KB
39 KB 1028ms
1027ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/racing.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7d049e4a4d0f8f769cdc296833aa8bb51d35876416af0667f7406476613c3e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-9ade"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRQpbOAGB%2F8oB4xLv12cfZ1xFZJnKeTdFyHTmJlTkoGiztUAVqk6XXhXfDJJiufBV2WXXJd9sRVceW46MNtCbSgSRFYUHfPWrjTqg04QyP47s5CzgJhSSY7YmWjF07GSqBjHPVq6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509bea43b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 39646

GET
H3 200 conthrax-sb.ttf
ads.giaitriwin79.us/fonts/ 156 KB
156 KB 353ms
353ms Font
application/octet-stream 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/fonts/conthrax-sb.ttf
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c464fac9dfadef32c17e2eaae4a1065ba33431ccb76b1b580c0b646a3fa27ce6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Origin: https://ads.giaitriwin79.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-26ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6rUxXZ%2BQUc1suCKt8fVIlIeIZdW1a%2FXCtU0j8s%2FvIyJO0VFXaoOWOQIGaOcMDEvgkWK0Yc4pagzRqrfi%2BJ8NF%2B0Dbq3JRoFiDMisCGqA5ieEuf0pP9c8dIkuJv%2FYpNGe4J9zy1s"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509c0a56b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 159424

GET
H3 200 SVNBOLD.ttf
ads.giaitriwin79.us/fonts/ 63 KB
64 KB 397ms
397ms Font
application/octet-stream 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/fonts/SVNBOLD.ttf
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81318f126e63f8658d3ec2f83a20b2854e8333212744a53701a8f100178eb1d7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Origin: https://ads.giaitriwin79.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-fd3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95kPg6N7gO94ta0sjmG%2FmVyAhhgufEaPkZgkKSJaXGepYA86%2FhLhsyCr6RB1xInRNm8E6rfUcVWEufJchixe3wJltdgk%2BgyoTUkLLF6S85OdvTXnbT2tHE%2BV7JdktL5cxYb4Mao2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8975509c0a57b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 64828

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 105ms
104ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-310BTLVP2Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N29R5DGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34cf677f1033fdadd526d3dd1ba63baee6f6475b15bf5424b244efd792f485d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 16:18:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 199ms
62ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: F5xURhTPeJmcJzldJunF4b37GhuHKDlRUtSimK6NSE0GUpNibJBx09j88S3sInXHPWYbpqkmD5FpBZCETlLsZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 220ms
79ms Fetch
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-310BTLVP2Y&gtm=45je46j0v9145017223z89163984563za200zb9163984563&_p=1718986710359&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=437496773.1718986711&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718986710&sct=1&seg=0&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&dt=Win79%20-%20Game%20b%C3%A0i%20%C4%91%E1%BB%95i%20th%C6%B0%E1%BB%9Fng%20v%C6%B0%E1%BB%A3t%20th%E1%BB%9Di%20%C4%91%E1%BA%A1i%20v%C3%A0%20%C4%91%E1%BA%B3ng%20c%E1%BA%A5p&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2347&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-310BTLVP2Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 16:18:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ads.giaitriwin79.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 825546689197596 Show response
connect.facebook.net/signals/config/ 67 KB
14 KB 270ms
269ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/825546689197596?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5992f5e54ed0fc66369860392f4d504733ea2cb4aae9437f6573c153d066ce19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=64, mss=1297, tbw=63515, tp=-1, tpl=-1, uplat=207, ullat=0
pragma: public
x-fb-debug: zoQ7f4AWHntRe1+tMJAMPVm9JCNLYjp8dINcvx2YSGVcujcqmNd+b9aWULtrb/pGi91u/h8M5Rb7Lih45PgTCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 90 KB
27 KB 285ms
63ms Script
application/javascript 23.48.224.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/app.min.js?v=1.9.88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-16.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a92ffe05385c4d65343693065f7a6d7dbb554bc741c9550d8634aa23ef5f610a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Mw1YqUgK6H2AwYwDtxsidkb55nQv0dY0
content-encoding: br
date: Fri, 21 Jun 2024 16:18:31 GMT
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 27630
last-modified: Thu, 20 Jun 2024 11:04:13 GMT
server: AmazonS3
etag: W/"42364c6d7d99fddb1d95f01aec597029"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: R2kBgttXGMu7TZ-0W5ve_6KgpJhy3J25McFxkCeVBzONhO0EgV2JAg==
expires: Sat, 22 Jun 2024 00:18:31 GMT

GET collect
ipv4.closwbay9bak.org/sw/ 0
0

GET collect
ipv6.closwbay9bak.org/sw/ 0
0

GET
H3 200 getWinner.html Show response
ads.giaitriwin79.us/ 268 B
613 B 302ms
302ms XHR
text/html 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/getWinner.html?t=1718986711000
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/apphd.min.js?v=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.22
Resource Hash: aca4da4e4ba38d9e94526266b7806420b2c2f2b77043479c7f93566d5876e81b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: e10ba57a54a2108c85b43ec39e394641
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.22
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNrOWrHdrEbyiQUNpkz0kaPwTgUGs%2FrrHqAkeJBBXEbAGXApTKDFsavEyBZkXHG3RY1fzigVMvgABLYK9GAZzy54BsPFJLXckT3p1AYfb6Jcxk%2FaXFRV67IrXGbOsttOIjNZiEs5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 897550a1b9bbb3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 getRank.html Show response
ads.giaitriwin79.us/ 273 B
613 B 307ms
307ms XHR
text/html 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/getRank.html?t=1718986711000
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/apphd.min.js?v=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.22
Resource Hash: 4da505ea6f3625e028ec59074633a63028dae9e0158a438165b0db8afd254966

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: e10ba57a54a2108c85b43ec39e394641
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.22
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X67mocpT1Bh9dKSlNjGDCxgm9yudrtiqzzZ6RWOKK9pk9g236h%2BoIfRvcn7QbEaKsRVsNG0Y9Pgcq1%2B6dOIEsOCNXTO3s11T3xqJSpKvhWiBVvJJb5ObCayBmRnW6kRVp7iZhS6x"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 897550a1b9bcb3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jackpot.html Show response
ads.giaitriwin79.us/ 228 B
626 B 2361ms
2361ms XHR
text/html 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/jackpot.html?t=1718986711000
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/apphd.min.js?v=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.22
Resource Hash: 8433bf03e354863e753d3dbc05855e70d2e8c8022de7e151a22914c0b3ececff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: e10ba57a54a2108c85b43ec39e394641
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:33 GMT
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.22
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGw1EW5LtRsDtRSW4Oy1e0TD4bk%2FUvWTxGM1EXgDERZjpSEJd9Va9vml8tP9rpJlvgDQizp0OJDnUlr8srQ90vRRV%2FckZsJru2gUoJAfaRyIZpDeXd%2B2NFP%2BVzo1Qq9Y6rE7OKB%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 897550a1b9bdb3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bg-game.png
ads.giaitriwin79.us/images/ 18 KB
19 KB 1087ms
1086ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-game.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3185e7bde194446dc658e5954c97602d94f9cc05be650b20566dd52f2e5cdf1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-48b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQdwt21u7N0f6UHRfVRBTrehCbUnanklJhXikaAkO6zuUfVhx%2BvQR2aDFk%2FRXPxfaTPqYFzO5cLz0%2BT4JqJ2X2mjNrbD3vi%2B%2Ff0At8zFKP9KqIxhIALQ7t%2Bg5KsWsrmKHgdNQt8P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1c9c8b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 18613

GET
H3 200 fb.png
ads.giaitriwin79.us/images/ 23 KB
23 KB 1037ms
1036ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/fb.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89763eb455b8aa8b55d4c31ef89452f5e91cc67e7dc17b4a40e50a6052a9589

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Aug 2023 09:23:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64d5fe06-5b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Piahts%2FGAva68u0rejB5WHbYymk1iQBYS%2FxMGjq96I8Lnt05k1YYtb9c8v3VvYSSJwEIe3Z3WMTC%2F7B8ILGuFO%2BImpJRaOOTlsigJfvE3jp1yCJu03eCUQ0Mp7saxhUcfmz%2FjFOo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa09b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 23304

GET
H3 200 tele.png
ads.giaitriwin79.us/images/ 24 KB
24 KB 1039ms
1038ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/tele.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91d6d55853024930f0f6881740f446be9bc2f94da22f4adcd1901c4063fad93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Aug 2023 09:23:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64d5fe06-5f98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kehVnVaJnOq2%2FSVt457OSmGaFj2uzvVutXKpuBbd4q4kqtISSO8Zdljf4nFYRRtcN4tMIL0LFUSoQtYmFh%2FFxrCVPL%2FadYqUILcfQzGF%2B2VtMpFuQOAq5LfocmRPkONG%2BASX9mh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa0ab3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 24472

GET
H3 200 icon-livechat.png
ads.giaitriwin79.us/images/ 22 KB
23 KB 302ms
300ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/icon-livechat.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ca3f465bf99474f13921fd833ca80c1e75272c6e690fcb330c0cdd2558889a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-586a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3D1Buw%2BHcjkcJAczy33WXnnrolpKqp5WP%2BqYF5oLYyv7MuVy%2FP0WulcxkZxejYjfwZwMtLhAyhSO746Yb6Nqxg5%2BHCo%2FyNIVXOrFAHx5eTYmuZINaaydG8HT2%2BNVZvRiHnfTRDo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa0cb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 22634

GET
H3 200 logo.png
ads.giaitriwin79.us/images/ 160 KB
160 KB 359ms
357ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/logo.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc4745c49e7b36562c11318938ea23875cd8437a7cfe420fc8cd7e69bb3361b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 20 May 2024 04:54:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664ad793-2800a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UT9ubqdWfaDJO5adixVhimCMVEnDLv7rQ1A2CqEG6bEatAhgeUd9mXeSLPbxe4fKO3hcTIcbYsIhLoRiL%2BVANdg0FA8qCKMxo05BmKC5OL%2BF%2FM3s%2BjZnkOBbr5q5g4BX%2FdHWhEZa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa0db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 163850

GET
H3 200 winner-rank1.png
ads.giaitriwin79.us/images/ 9 KB
10 KB 1044ms
1042ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank1.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c1c252fcd00278cbd173da5e4eee885dcd9440c7e6266a3ec4a742766dceb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-2589"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AXHb8aE%2FKO0Dfc3fUI4bLR%2BsDU5keOkd98aOtzJ0tAUeK2jaSS8EI20lcUmi7L8wvT6TA3O7Abp15Sk%2BlDu7vkyFSxjWI9FGftNdnp9gcSCmxZ1iq5dkK41LFimeCbfxFUsix2s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa10b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9609

GET
H3 200 money.png
ads.giaitriwin79.us/images/ 971 B
1 KB 1102ms
1100ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/money.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1dc5fda0e36647679239e9313fde121d0d2d579977c119e2303b93c30b1650c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-3cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fQjKBa9og4lJxHzeNGIHB4U0SFDXbrIFlGXqUcxRRW65lNKiZMC%2FgfIo89CdNZrMB3bVf0YMQpOM70O%2FowPRWmEVFvB9nuwbhIjIGIEQt4ncYN7jUfR5k00RIZQArWdY5pL5RIB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa11b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 971

GET
H3 200 winner-rank2.png
ads.giaitriwin79.us/images/ 9 KB
9 KB 367ms
365ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank2.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3979d3ebdaa4217084c8174c3b597680909725abc95b48910ac6b85e03e64ef0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-23b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vY98Eg1qSJFwuI7fJoT4Q7%2Bb2HRP4%2BBhLas9qxNMubthDcY4wT4Lam8vnB77VtwTkT%2FD8G9vlMQ61Z%2FLwcCLrchyUQ67YoXDYIX5NrJb5jl4SO3tNJdXRUAbr6P%2BaECbkj2LVPU8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa14b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9145

GET
H3 200 winner-rank3.png
ads.giaitriwin79.us/images/ 7 KB
7 KB 329ms
327ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/winner-rank3.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f8bca009029e0b31456ebcddb570e07c2fdc491378442fe81c1894d8b8102a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-1b0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnct3UlMsRuSrjjRrDXtbFNPGMB89dN2mds3%2BeKWfzSptCztQ6nL9kcr7Zj6voA6iGam6pXM%2BWSCyCXr157pOaZUH0hARLdHRUCcPp9kZycog4Sa9zx20LEstPWKNBI9tBz6F%2FJf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa15b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6922

GET
H3 200 slogan.png
ads.giaitriwin79.us/images/ 25 KB
26 KB 305ms
303ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/slogan.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da65ca6b4acda8087afe07ff8f0aaa22c2530769a4f1bf4833f225e9d040fc3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 08 May 2023 12:49:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6458efeb-648a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJz6GQY5PVDQxAp9oC3Rlz5jIWQSO5Tc9KBPoXnOdwbPkyQSmmGCbqq6WhZZ4jCgHaZVHbV434A%2BKCtakGfFt7XFIbWLymkFRJHqegrYU9uBbCEO%2BJNUgtDuPjtsxUzmqc58PwX1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa16b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 25738

GET
H3 200 btn-playweb.png
ads.giaitriwin79.us/images/ 9 KB
10 KB 1089ms
1087ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-playweb.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6721eb88c24c24246f9323a36beddfed8bdd851ed596eab913c75bbe08124021

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 22 Apr 2023 16:02:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6444051a-255d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DhNUI31MsVdpvUn9FRQ0XBX5gQ2RF3jCknAQb31sWuv45WJ7yvBsx2muHpEQG%2BLsOCGQiiTXYy5zxVPKrcJ5M2PnG2LgAUrWOAU5kwGR9CFKWbjc4tz9oOJVgQewXtgj2JBS%2FJ0D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa17b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9565

GET
H3 200 vuottuonglua.png
ads.giaitriwin79.us/images/ 2 KB
3 KB 329ms
327ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/vuottuonglua.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935d7b916577c5dde41d0d19f8a368e9e1acf755551f31eca2fcc3a92e35c145

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-8b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3vtYHK3KLgW8fE2ovqUlNU2nT%2BwtPsQ2icA7tuToSCHj1VN5XSjlrnldo3Gr1oUoeyN2L6jQNAklFQ0Wyk1fPIO0CS3E0u7d9fyOu2E4JMxPmTay9Be4sVBzYXXLsorVw9tNYNe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa18b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2232

GET
H3 200 btn1111.png
ads.giaitriwin79.us/images/ 39 KB
39 KB 377ms
375ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn1111.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242b535602d0ba7eaae4df7f53927438e856d10f68c9b6a3797e24623608806a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Thu, 29 Jun 2023 06:56:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "649d2b15-9ac9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T67PUz2QeD0PISH2XhTjPoE%2FtTb2xkJgq8N2v6iTfIbFpizF2dMfZEBcgUgQknn2BD4V7ZwDehgu1e4dsTkGjT07gv5v6MCGLmxzylc0zPwX1iQbcKOnjr4h9FJ42q3AmXFNHVGF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa1ab3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 39625

GET
H3 200 btn-main.gif
ads.giaitriwin79.us/images/ 515 KB
516 KB 408ms
406ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-main.gif?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e258c4c1836df7c9688d63930e1354e1988ea281efac6338fc4378dd88e14397

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 May 2023 06:34:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6459e989-80c35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzlYH4sJdwOZ8QgvhBmwYK1Lt%2BYbIo179piuiiZseSCRlVmRxD%2BI0gIiVzP%2F5ih%2FLISW%2BilOdaEPEBM0gIzuaHXBt%2FKwU5KBC%2FCTonm50aESxS6a088%2BPnintTw5bmwLNs%2FO2YcA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa1cb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 527413

GET
H3 200 btn-main2x.gif
ads.giaitriwin79.us/images/ 604 KB
605 KB 307ms
305ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-main2x.gif?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7458ea665353807b29b429e0e622531bdd4e5eeb2502a89f2c8e198c51e69b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-971bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umwNF2aOcFsQf%2F1yBRR9DG83MfAODUl3esLAED43hObAx1NUIT75lQbuPF6fd0sMZFA5BvSj2siHXEcYj%2F5mA4UYhChkGvqF35I%2FG1P7l47nxiTKhFhaH1o%2BglgKjts238rMO8nc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa1db3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 618941

GET
H3 200 btn-main3.gif
ads.giaitriwin79.us/images/ 639 KB
639 KB 1339ms
1336ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-main3.gif?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ba6b202312eac1413a78f104b48982edc1cd9dd3b89b0285fd8dcea05f170a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-9fbd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZw6y3NICYxrwrma9u6b6b8QX1Sr8ycLqoH9PnYIqY0TEl05DXFnGcS7jdslhsfI673es86E7Xi%2Bv%2FGgcuuEJWujr1o5oot9YVAaFGf2Ky42XLOpvvDhIwff6NpAfTCpOU1wP3FF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa1fb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 654296

GET
H3 200 rank.png
ads.giaitriwin79.us/images/ 19 KB
20 KB 1138ms
1135ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/rank.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 461e7847c44d160a24ba9baf638f2ba77c204ed310917113fd7b534e681d35b9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-4cb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zH3MGDYq3GGniyUN9HKvGN%2Bbc0MXG%2Bzrz4yNOtp57n1JzkSEnM0Grao9ohVbh7QUGvKAzIIMqfP96g%2FoPk38GTq801dfEoGj%2BgKXKWmETIi%2FK218tMHW1Mm73i7VmclNnk3iSQk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa20b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 19638

GET
H3 200 tab-dangky-active.png
ads.giaitriwin79.us/images/ 6 KB
6 KB 287ms
285ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/tab-dangky-active.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a78a513c795284c49ea24f5298882f853bc8a24e4c04476170bcd192ab3083ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Mon, 08 May 2023 12:49:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6458efeb-1661"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aJckGJ1Tt%2F8B3OH6mWopvAyrIvwb86Z3q9d%2FKVAEMS428TCWpaft43xRBYDBvt5xRcOlWq7FLrwWCjLQMS6i6w4ZVtTTyiiehueAOqn2j%2F%2BIAQc9ur9nrMXEqLHntHESzJfXm4x"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa21b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5729

GET
H3 200 icon-user.png
ads.giaitriwin79.us/images/ 5 KB
5 KB 379ms
377ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/icon-user.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4a90a5f4277cc37df4c749f440c4c407db17053e8f87d744898297591ff349

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-1277"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZMpdDe3Sc07FiBxKqCEDFPAsdO7kbHiuFgCQ1hVs7lHo43YyjctWYanhc2cVy5%2BO93FlYne0gn%2B0%2FLWyD9SriBHIfGaPqIJ%2BbPfuQRF4TkRNXc4xflHhSr9bu7hOQuXNw2SNJLr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa22b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 4727

GET
H3 200 icon-pass.png
ads.giaitriwin79.us/images/ 4 KB
5 KB 1091ms
1089ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/icon-pass.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddd801e6c93a097c1d03f0cf8d539b9ccf6416fe32075212906346a21819321

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-11f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eq%2FXskxL2k7OBbVbB7fyjQplP8ArD5JPc%2BxgekAOcCY8bolj%2FpDL%2Fn%2Bs9UzYpuzGgsUtIl%2FAiNXqDGgM8dn6WgMwDWeqbJR7QPzlmgXPXmsBS07xbMGXQicyzcv0xari1Inp%2Fh0C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa24b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 4596

GET
H3 200 icon-pass2.png
ads.giaitriwin79.us/images/ 5 KB
5 KB 423ms
421ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/icon-pass2.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54cdf772b56c8f09df24d5f10edf5dfba7174acd963d7f7d75cf59471305188

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 16:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644bf90f-1418"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQkdC8wU0SzYgEisxrNrGEedDFtcAvz86Zo0h1WALOpZOgUVcc6wNeUt%2B5SRuSO6isCawBgANZqIEczDD82HeGVFfC82VsL8yzk8b6DmxkAbjfmz6hgjuGoJbK8UFsebUbtvgvJw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa25b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5144

GET
H3 200 btn-dangky.png
ads.giaitriwin79.us/images/ 8 KB
8 KB 1015ms
1013ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dangky.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e6506f7505a0849a4580318c5f1165f3442b7cade4b3d56faf3ea63d22ebce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 08 May 2023 12:49:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6458efeb-1e99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2B0dROYn%2BN1f%2FyPh6KPQc29Y6%2Brsl9roujn0%2B6UQ%2BXYpqgpjdUkvH%2BN%2FoSvptMZjvxqWcFutJhMflgIeBI9dLDauH0YNBpKa8%2FfAOhFdWFhaOi5TEewhsEDEGihKrguCQ7P6FGE3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa28b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 7833

GET
H3 200 adv.png
ads.giaitriwin79.us/images/ 25 KB
26 KB 1033ms
1032ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/adv.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e29acc502d51a983b5c3b52248d56610d211e7039cb9c06eabf00cc99859415

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 08 May 2023 12:49:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6458efeb-65a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZL19mjbmGjKADRhZ8WNSkBAHedezozkQPFaS%2FbVvyfQbGPLVszpaFE8sykvPB2iwd7X5Q7Desw4%2FZDZe2otw17Lf7wQGrR3PEjr2QR6RM3fyZg8y71CPAevv9P%2FDAKILzSkscLK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa2ab3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 26024

GET
H3 200 adv2.png
ads.giaitriwin79.us/images/ 17 KB
17 KB 1077ms
1076ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/adv2.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51a7b102d4061a92cb0c37be955db922b95c336dedf935f26c37f2504032017

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Oct 2023 06:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653b53d8-4388"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBoyHvqjc8YwFvsQ0XWJOLZ0MdKKztNLhprRLkYdzLMQWZM%2Fsrz889hIgzkZ8Hn7JyArm7gBVn3IHwfTmDwh4eExX5tfyvYSQ%2BR8jzxAO1thmQqHH%2FmWMxmeRf2GNS3tHnBvhISA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa2bb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 17288

GET
H3 200 adv3.png
ads.giaitriwin79.us/images/ 17 KB
18 KB 1051ms
1050ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/adv3.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6965a5d86fa648b2003fa95074ee42389c44defdc12027fd8c4577b3039a7ad3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Oct 2023 06:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653b53d8-45f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyzs08Ve8eUn%2FcFEfXKv2fAcfiiBlgqg1mTzZ7vlq6b36mSjCgwY1%2BEpSzc67v1SAlCaiFr%2FmE2U3AG8x0d8awxUHZzIJfzn%2FnmTuuKv%2FpYgIqhKcTTDw0R5A783RmIM4cyNzf%2FP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa2eb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 17904

GET
H3 200 btn-dl.gif
ads.giaitriwin79.us/images/ 593 KB
593 KB 1120ms
1119ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/btn-dl.gif?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db45bc7896bfe61840d5d5e8ffc8b0ff59a6386e88df91ff312cd44f7a321193

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 May 2023 06:34:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6459e989-94231"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFI0SXxNjt4TaLPYBfRETFHpFIIvEh%2BeHDh3c5AI5nOwrgDWZhR1nKA3CcOS3wi0xAhQmV0Ji0xBrmmbU%2FCFuRZerdGB%2BphkPQPWb7MUtlXWMBJJkz0d1dktTXA9ziGl7yMNL3Iu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa32b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 606769

GET
H3 200 close-about.png
ads.giaitriwin79.us/images/ 4 KB
4 KB 327ms
327ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/close-about.png?v=1.9.27
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fafa1a4bd0cd3cbd2d8e07b04a74cafa68f69b0333c6b59c3bbb43fd264d27b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-f2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOlgVlkc9UhrAafKdUl8i8UM4yoKdIyPwGBv3pVTOqqIa1VHDOSucD%2F5ku%2BQyEMjP52GGPQc0ZHL59hSDi4pNMzAOM0K3ijdWHKd7gt7MHZ3Wu3fmH3SpK3iNVzy0pJJgrp0kz6k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa35b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 3886

GET
H3 200 arrows-left.png
ads.giaitriwin79.us/images/ 7 KB
8 KB 1046ms
1046ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/arrows-left.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210899e92cc814ff5541ff9b972fed39c4086dea1852fbfc32a1312c234a306e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 May 2023 05:12:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645b27d7-1d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=duI%2F80CzSXhbr7i4osfKz5nTSPWeCRm5TgX8wL9RahmkpXln3SuFMjFAbd%2FREk8eu0hZYcnYwipQvupD5vgdKdXO5o12UiuKdJJPwmU3y0uMZelwG8TmvXSSdkqCvp8EQcdMr7t2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa37b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 7517

GET
H3 200 arrows-left-active.png
ads.giaitriwin79.us/images/ 7 KB
8 KB 1035ms
1034ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/arrows-left-active.png
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d295f5d029476fcb8dd3d86619fbcb5540edf66704d042829cb1f9383776833

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 13:12:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652d36bb-1d4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBlhoRnd7i1hwfndh8%2B5Qcc1bz76a3FtC5ngSqe7FrJT72nk%2FeH3Ba4amK%2Brs8qOFv1f4mBsXzZIx9waWAoC%2FdRqpaVUYjE03KT7PhF2v9wIX9eafDHSeoSiOd1mtsOOqo4vjKE0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa38b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 7498

GET
H3 200 game1.png
ads.giaitriwin79.us/images/ 20 KB
20 KB 526ms
526ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game1.png?v=1.0.5
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf13ad23226567c7251a5209f79cec02f77934498ab2e5b5a24942c18ba35134

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-501c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnAnJEEl7lVpfNiqMKHlpnnfeDDKsqyp39OkorcTQt%2BrEgagbiMRx2J1zG05uy3bjLrYn6FsZpOnjoaatjQAu6h%2F0nW35NKazMpflZupkqEKKZDIgPuuCUL%2FdeDw1Styi7a9MKXf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa3ab3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 20508

GET
H3 200 game2.png
ads.giaitriwin79.us/images/ 19 KB
19 KB 327ms
325ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game2.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e557e7bfc09a8442fcf15aa049fa912182b915bcc5fc79d10dd1a7fb9da9b124

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-4a07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFDnp7%2F7rXEO%2F6JUYGQ6bCyol0sYGHAh6ss0skiN2%2FHbCumYGHm3jebmVYlWuPtsE9pJ7roM%2BLlB3C1%2FFkVfVxaIT9WVHF5GbDEMGagDFaldOfCxIjklS9CexdpXoLGrd2qAeFDd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa3cb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 18951

GET
H3 200 game3.png
ads.giaitriwin79.us/images/ 19 KB
19 KB 327ms
325ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game3.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1de51b404de14ff237f52ebe9fcb5611061f966d68a1a29ae43912e12513c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-4b90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2WGzVOOni3bCryh2bKkHqcG4uitdaZTCAb1TnxqfAwc9HepIGE48BjMTyXKh8QUNpnkoTmg3qu2GmEqNUgEjomL%2FHWy23j%2B1KIIx3ev%2FBwBIVBnvGp7okLYKeUeu0OhMM9IYUPZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa3fb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 19344

GET
H3 200 game4.png
ads.giaitriwin79.us/images/ 23 KB
24 KB 1095ms
1093ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game4.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f38ba6e3e764ddf9925b6c5f2bb925ac5a026a0d8d4b1cd61c071dd46dc66f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-5d81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cd%2FdE0ZfiuGWa%2BcDYivutsq3TnM7ARQjkeEvfq6fQNukZFG0sPTWRJ1geB8%2BuTFowVkERFRDj2CCmszNHY4niz%2FmSpTTUumMz0HsH8yedncNq6QGjCHfqvg6AewtvCDPO1sk08A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa43b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 23937

GET
H3 200 game5.png
ads.giaitriwin79.us/images/ 23 KB
24 KB 1494ms
1492ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game5.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f50f5608be0e73b86cf1072a8ab346969ba9035882e7cf2deb073e896483c5c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-5d31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTUv8DkTQYiHGM7iJ3sn5XhejJqHA9QALUoFnTr%2FpsGu6eRq80eMaVnYHGc%2FMSttkU34bBNExUNQzEhh6vlTwkNUuEhjPJWIsdb%2BDcAUyBVE5LdgbjlOHNLhfqdBuHnrUOYHzSls"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa44b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 23857

GET
H3 200 game6.png
ads.giaitriwin79.us/images/ 23 KB
23 KB 327ms
325ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game6.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2525c91bbb1f6aee60bf491c874cab636bb816d7e6a8c33dd5c147f71032d4fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-5b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XT2igEBKI76gZpNb%2BvFzAhzwRLJbX5r%2Brk7CUbc46bc6YRsQEQ%2FVNBtrffSUuqu2fXHUviZJ0vpHsOBmQBZJKuuUpUMh3n5LztwnkJ1oKYQCd7T55NW%2FV%2B0NdgRotOaehk49FlY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa45b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 23311

GET
H3 200 game7.png
ads.giaitriwin79.us/images/ 20 KB
21 KB 2838ms
2837ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game7.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b1d1f7c45599c4f8255df6951a412c0ef6caf667dd552c8943ac4454d3a2f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:34 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-511b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzesFSkYKDoXgTOFCi%2B3B0YRoHFYmAaiewwIwvy%2BBX4LuMilpK%2FrpWv6xdhGFhIxFIjISpW8F9DYmp%2F7EzQvFHtQNavTsvcuZINCE8%2FBlFDvhYUpn%2BRqH8ac8OclFrF43ZgYBt8%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa46b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 20763

GET
H3 200 game8.png
ads.giaitriwin79.us/images/ 25 KB
25 KB 327ms
326ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game8.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ec0942628d3ff20e555db432cfc3a5b31e63aef544b23f081c6519bca359e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-63e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkaFPDMZx37PDvGEYBh4NcJB5NSvwWHkhgPQd5n2baU3l7CGXrMR3Ag8tpcrAqDy1JiZaUXQF5avm9%2B0USYFH9LfN1N1QsFZ2J%2FnB3YRVTDRQSkrQ6f8FJGFrmnLEcHkIKBCr%2Ba1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa48b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 25574

GET
H3 200 game9.png
ads.giaitriwin79.us/images/ 20 KB
21 KB 1045ms
1044ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game9.png?v=1.0.4
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a68d1309fb3cec74c013cb389d0fa1c918a840b968e09387f4a6b3a68eb0efed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-5194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5eeylJEhI9459MAYTQfgHCwsf6nP5AL5yZ5%2B4EHJDjx9EUs091yrsyCDU%2FrltZmVRbnwIhs1ip6IJGElvMgmuvQkQoXK2VX00Q2KT4BvT%2BpFThU44iF9uFyb8b1N2phU1IVSJZMU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa49b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 20884

GET
H3 200 game10.png
ads.giaitriwin79.us/images/ 25 KB
25 KB 328ms
326ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game10.png?v=1.0.5
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b927395aabcf0119f941bf3a319450f58f3a22f116959ba102a4814d8aba0c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-622f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NfP%2Bk%2FoO82V7l%2BgGthij5ZMRgjYRrqMfmEvAphVXBm%2FhYM9HjuAfcXB7ur3JdIdTUkJuwZF3egMfXWVUSZBmRIeBS%2BEqIwdMSKp8td0ibTMGt9meJl39wlkeB7kyLQknqg%2F2am0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa4bb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 25135

GET
H3 200 game8.gif
ads.giaitriwin79.us/images/ 132 KB
133 KB 1054ms
1053ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game8.gif?v=1.1.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0050e9252d7f84b5511ef7b8452c95f2ddd67bd86264cac85c837135ae59adcb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-211b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f59vF%2BP9T7vD5uJP0jrPO7G2Rhp0JzTvQQ51HdBHvS6gjCrtetR%2FQWgSC94jxFGQdrzyPOlspjGUWFFEp2dCPARwJJlAqJlwUtCX%2B%2FcxPRfZJyl4zWaELx54PMI0lkrSvOdyvBQ9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa4cb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 135606

GET
H3 200 game9.gif
ads.giaitriwin79.us/images/ 145 KB
146 KB 366ms
365ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game9.gif?v=1.1.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520895c70e0ea933a3841c46bffd68a2ef5902c0b8ec9f981bf616fa6e299230

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 22 Apr 2023 15:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6444040a-24482"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLWcZCkdZSxwv1dcvLDDVjDBLKx%2BSkCfEX8D06msbtMMpTTtHALX58wxMMmXhLWy7DdMlShqngCZgwl4CVIm2zh71AsaHiaCUlcEdUFFJo7Cnvwdmm7d1kAqb3jtlkY%2FoRqlk8vN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa4fb3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 148610

GET
H3 200 game10.gif
ads.giaitriwin79.us/images/ 144 KB
145 KB 386ms
385ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game10.gif?v=1.1.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99597c956bdd2d885ffacd6de716c4fdaaeb5953a601db98f30f1c2ffe164f19

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-2408c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G77FFZHiKW88QF7rqMTY%2F5GZ9K6utiz2Z%2BZCmdd53CpSEagY2Rq1ULgtrF2WscxFQR5MMu433EBPuf1k4TgGVGJMShlSSt1bcVWWXkfqvXp3o2Dl7epIKj9x4h0xVXMDjuBEcB6m"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa50b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 147596

GET
H3 200 288381496973905 Show response
connect.facebook.net/signals/config/ 27 KB
3 KB 204ms
203ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/288381496973905?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

9dcd27da04d35aa46cd178338918311818b61da20bf6ac8d41921c97ba5fb308

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=23, mss=1232, tbw=4327, tp=9, tpl=0, uplat=143, ullat=0
pragma: public
x-fb-debug: hqBf4r5pMetYAU8g/QQ6hAqtTDXfC9YJ25krBXoBps+rA8p8ctJn0IFkmA59OtljEhJGyCRHrRwhYac8GHBrxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 230ms
63ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=825546689197596&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986711419&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 317ms
151ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=825546689197596&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986711419&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe79e92166e04dcd8","source_keys":["1","2"]},{"key_piece":"0xe6400976f3a596c1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991707313102419", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=15, mss=1297, tbw=3314, tp=-1, tpl=-1, uplat=86, ullat=1
pragma: no-cache
x-fb-debug: bM9tSQAi4mtI4WrkAvjGLoMyWy1ZI2i35MVu9B0dXbb5uz22S6A8twj4fHisxOgdNiqdZEnffH0z3A+9hCzheA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991707313102419"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 bg-form.png
ads.giaitriwin79.us/images/ 46 KB
46 KB 1285ms
1284ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-form.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f92fe915b0ca1a1b6143c84826f4d2e7e184dc3dd8f91c9c8f4e5d8fa887b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: MISS
last-modified: Mon, 08 May 2023 12:49:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6458efeb-b6f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7w5kT2ACA5a0mWKCB4GcXDGMS45qCn2P0H6qO0kI7XLoIEcnX%2B0TkPexjOuW1TA5XvBtyYXazBd3%2FXB2cKL56ZZiEchXPeRYJJSDqbZqJtT4%2B60no9zbXhOmaTuJDa37sTpuhssj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a2ab03b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 46840

GET
H3 200 bg-input.png
ads.giaitriwin79.us/images/ 2 KB
3 KB 1014ms
1014ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/bg-input.png?v=3.65.2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab3ffacb910fdbc40e34420f8ef1bf394426a0a5fc9ea2f32b3466e268ccd75

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/build/style.min.css?v=1.9.84
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-8e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oX0qQoHsW9CLe7g8EEqgNp%2BIxeABuubiGYlUzdOkKhBszD%2BjgLLtvIVYNPYAsLtyTiLGefmjD1UBJLsqFaHqkniI9lUPbzaQGgE3Ap9RBGzZuWhLCGXckMoRI2HQTIBWCuWXO%2BjW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a2ab05b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2280

GET
H3 200 fa-regular-400.woff2
ads.giaitriwin79.us/vendor/fontawesome-free/webfonts/ 13 KB
14 KB 1367ms
1367ms Font
font/woff2 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/vendor/fontawesome-free/webfonts/fa-regular-400.woff2
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ads.giaitriwin79.us/vendor/fontawesome-free/css/all.min.css
Origin: https://ads.giaitriwin79.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Apr 2023 22:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644307fd-350c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHcNsQ2p7FkCxgNyWjvr5PjbPJJ6k5dQN2YWZonETc0SuJ6TGF3D548lMpjf47Rlwa5GlOA5IgZp%2Fw71yCMTl1aS5o9doaZf1x3RPnkxzESrz043szst%2F5V5UKQjS8AqyXqQ02Ju"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a2ab09b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 13580

GET
H3 200 1462713301174981 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 155ms
155ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1462713301174981?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

9456998da42c46e3611bdb32ae1c9902d0989e54583e00c9c2faae897a462fc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=28, mss=1232, tbw=10279, tp=15, tpl=0, uplat=95, ullat=0
pragma: public
x-fb-debug: ydEFFcA7yBFXbXl1oroqsyBXyFG72uwPLaaVvCirRq/1DX0PT2/ZzqeW9MwwBY5CCg41mAReQcxh0r3+ylyVJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 63ms
62ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=288381496973905&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986711629&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=3172, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 371ms
371ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=288381496973905&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986711629&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1727e6e127ead568","source_keys":["1","2"]},{"key_piece":"0x92cb10a9f66f5bd0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991707804528708", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=18, mss=1297, tbw=7017, tp=-1, tpl=-1, uplat=308, ullat=0
pragma: no-cache
x-fb-debug: 9dMpphdZzNpqQo9LBgneS74hfocTTJQRB7ZSKEN3f1q+74l2hddvUviiWaWGXqWQw/ounY/vwmd4OQJoDbZTvw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991707804528708"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 393 B
575 B 483ms
263ms Script
application/javascript 23.34.59.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14860335&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fads.giaitriwin79.us%2F&channel_type=code&jsonp=__5fc0yxsjh5r

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.10 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-10.deploy.static.akamaitechnologies.com

Software

Resource Hash

0cd4d34882e52b0e523b81603f29f4023d74bb09577b7011442a9d0b288c8366

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors ;
X-Frame-Options	allow-from

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors ;
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
content-length: 393
vary: Accept-Encoding
x-frame-options: allow-from
content-type: application/javascript; charset=UTF-8

GET
H3 200 412266534963016 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 152ms
152ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/412266534963016?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

590a1d56337333409617baa753e17cce1c964a713e148d06d9211778ad6c5ca0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=31, mss=1232, tbw=13671, tp=19, tpl=0, uplat=92, ullat=0
pragma: public
x-fb-debug: CiGO+vzlyAb4aw9KbcXqPsSwwRr8VwmoW5zyi35RM+M4M7BX6Kteh6U8MepNxrG9LNCc7qrWM+w4CFGTn+0bXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 782657430672530 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 198ms
197ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/782657430672530?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

f77a386a01cdbcd97f66205f354fa42c3c3b88070c7792c6383c2bc9c65153ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=33, mss=1232, tbw=16775, tp=23, tpl=0, uplat=137, ullat=0
pragma: public
x-fb-debug: F1xGuWcbc6Ya0OLivSkHGSx1PbqLCGiFD6NBR4eS9MI72QP3Cqd1JoYA1lmWwmnfZCVq6GHPeYTPbipeh4IGBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 game1.png
ads.giaitriwin79.us/images/ 20 KB
0 0ms
0ms Image
image/png 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game1.png?v=1.0.5
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf13ad23226567c7251a5209f79cec02f77934498ab2e5b5a24942c18ba35134

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Oct 2023 20:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653193e7-501c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnAnJEEl7lVpfNiqMKHlpnnfeDDKsqyp39OkorcTQt%2BrEgagbiMRx2J1zG05uy3bjLrYn6FsZpOnjoaatjQAu6h%2F0nW35NKazMpflZupkqEKKZDIgPuuCUL%2FdeDw1Styi7a9MKXf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550a1fa3ab3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 20508

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 148ms
147ms Script
application/javascript 23.34.59.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=5dc1858e-d9ee-408a-ab4e-393e6a1311a4&version=735.0.2.120.352.183.103.3.1.61.1.10.7&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.10 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 25641ace577db6de1251c19c4e12112bd28a810fd57e74269ad6e9ad8def8322

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-length: 1791
expires: Fri, 21 Jun 2024 16:28:32 GMT

GET
H3 200 995072555590050 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 145ms
145ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/995072555590050?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

05b76ce50c3f89e11c6a05da7f8e6aeaca56b8b6e12a19d233b5abfc0e473b7a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=36, mss=1232, tbw=19911, tp=27, tpl=0, uplat=84, ullat=0
pragma: public
x-fb-debug: TAG8pH78Nk7ljpfOdzHVpuWTmmA6FDEanUMwF4RkJR/wEKQJPZ0pKDQNXJ2jW90k7aupV1fA0a7Q+OJ4ySjm7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1547711265790353 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 148ms
148ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1547711265790353?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

3981841fa986986e9900cc5713b9b8d91e2a1a30cbf4db717de29def14fba0fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=38, mss=1232, tbw=23015, tp=31, tpl=0, uplat=87, ullat=0
pragma: public
x-fb-debug: tcqWleCiQmBfwBc4qVPFiZQzoWFKRGDrFsg6sv2Anmm+MAjMyR1udVrXi7zHR2kzXU7LI0ivy2Tm7hw/+uua0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 301491726361938 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 174ms
174ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301491726361938?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

b763771b6cc14414c34bad71eb61900ba16b132711b50320b88339bb2f03a798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=39, mss=1232, tbw=26119, tp=35, tpl=0, uplat=114, ullat=1
pragma: public
x-fb-debug: Hda1dwCdGdYkl/al13nm7ROBdoKP4YN5SYax77WFiSxSlpWAjgzpj/L9tfNdDzTS0E/u9narKBJ8x80DgDK+Yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 907187881118948 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 156ms
156ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/907187881118948?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

5ae8d587951166ac4364f3350d3408b81b44cb40ebb5452f2cfd85cfa8b39f68

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=39, mss=1232, tbw=29223, tp=39, tpl=0, uplat=96, ullat=0
pragma: public
x-fb-debug: Q5IMXgilUTwn4rVakE3ao7/wzIM4T+SbxlqPfKh+Qs4VWMH0KvoSpXun9LWiuWgdi3/3hik0G7BhPRJk4ARhwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
120 B 62ms
62ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1462713301174981&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712642&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=8323, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 295ms
295ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1462713301174981&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712642&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6a994d98fba729d1","source_keys":["1","2"]},{"key_piece":"0xfdf61a90f6fb697a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991711691086409", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=24, mss=1297, tbw=10714, tp=-1, tpl=-1, uplat=233, ullat=0
pragma: no-cache
x-fb-debug: n+YHoNMUkYiaeVl7jRKp/eU/Fe754PAWJ3X/OYfPsdTHtu9Tg7ot8VAUD1hSue48I68mTnd567S4qEwFau+Utg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991711691086409"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 61ms
61ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=412266534963016&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712643&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=8522, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 298ms
298ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=412266534963016&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712643&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf271f01db5a23697","source_keys":["1","2"]},{"key_piece":"0xaf69bf2f111c2a0e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991710950559812", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=24, mss=1297, tbw=11949, tp=-1, tpl=-1, uplat=237, ullat=0
pragma: no-cache
x-fb-debug: nKwVCo9Mz2u2UPW5sOUrv6lhG1/jVxux94ch6ifxHbiJxEvac3wz1uatuC/gWLPBgY7rDU7cf9CSJZu56DlZMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991710950559812"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
97 B 61ms
61ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782657430672530&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712644&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=8712, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 321ms
321ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782657430672530&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712644&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8acb584f55e6444c","source_keys":["1","2"]},{"key_piece":"0x96954c290514da29","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991710871023881", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=24, mss=1297, tbw=13183, tp=-1, tpl=-1, uplat=259, ullat=0
pragma: no-cache
x-fb-debug: HR7xnW3nHSjOxawJTJzgXCjTF99jSDynWYtNqnemgguTRgaW65PiYFxIF3Cob2XvFBgZHS51dFMd68SuseUqGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991710871023881"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
97 B 118ms
117ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=995072555590050&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712644&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=8901, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 239ms
239ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=995072555590050&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712644&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x95d25eaff8f16b10","source_keys":["1","2"]},{"key_piece":"0x6ef24e8c1f88f61b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991712035672395", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=24, mss=1297, tbw=9478, tp=-1, tpl=-1, uplat=177, ullat=0
pragma: no-cache
x-fb-debug: D5AIeSc3+8BEIANeSuq8ymZZr4yCJltTgijIP4qxV8m6X4Wt0ndbz4nTaQZuP8yVp+yYkQPHJB9d2nghsX7b/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991712035672395"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
97 B 117ms
117ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1547711265790353&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712645&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=9112, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 373ms
373ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1547711265790353&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712645&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc87a4af0d8d98886","source_keys":["1","2"]},{"key_piece":"0x91d7327a7ff25687","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991711973633352", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=24, mss=1297, tbw=15657, tp=-1, tpl=-1, uplat=310, ullat=0
pragma: no-cache
x-fb-debug: De1llMqUF+/G+WdzH8A7TxocindpWja2k6d9L8zj4HTN5LJ5W/Gurvnin8TUWz7uAn4fTsV29mBm7gZKELpliw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991711973633352"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 117ms
117ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301491726361938&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712646&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=13, mss=1297, tbw=9336, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 365ms
364ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=301491726361938&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712646&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6e2b723bbea57e7e","source_keys":["1","2"]},{"key_piece":"0xf767d52c828b02f7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991710547774867", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=24, mss=1297, tbw=14420, tp=-1, tpl=-1, uplat=248, ullat=0
pragma: no-cache
x-fb-debug: hOTW83oE41X1t9hSLuw/HgO4uqYbkOkzqY9vos3cg1BS2cB4oUWmr9+nh59b77DhgFReWrhE9r0ETHglgKBUOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991710547774867"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 325041826915141 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 163ms
163ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/325041826915141?v=2.9.158&r=stable&domain=ads.giaitriwin79.us&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

9253804f4f4dc5bf00124956426c494ef97f3c9cbfe8d95ecb135309e65ffddc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=39, mss=1232, tbw=32583, tp=43, tpl=0, uplat=103, ullat=0
pragma: public
x-fb-debug: 5GEbj+Ylo4j9w3nHwe1IflFQcI82x2E8o6ZIWUJv7Y+ybQ6NfruWeIXlb+RbACuw7MERY6jPwLFwCmQ1H8Oezg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 60ms
60ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=907187881118948&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712807&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4375, tp=10, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 186ms
185ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=907187881118948&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712807&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xaf53237a43ff1e7d","source_keys":["1","2"]},{"key_piece":"0xb9c693db27685a7f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991711330748749", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4743, tp=13, tpl=0, uplat=126, ullat=0
pragma: no-cache
x-fb-debug: 2QYHbgqYplI3zJbSv9pJZFYUawntgmo8ZLunsON/0TAfqn/Vn3dCq1ecTStfRGS48ERuzrNzOCPqerg9CNUl9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991711330748749"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 60ms
60ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325041826915141&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712976&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=GET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=8535, tp=18, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 16:18:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 113ms
112ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=325041826915141&ev=PageView&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&rl=&if=false&ts=1718986712976&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718986711416.578013902549378858&cs_est=true&ler=empty&cdl=API_unavailable&it=1718986711123&coo=false&rqm=FGET

Requested by

Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe441f5b231e06018","source_keys":["1","2"]},{"key_piece":"0xc79275447be89277","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 16:18:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382991714781244891", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=26, mss=1232, tbw=8775, tp=21, tpl=0, uplat=52, ullat=0
pragma: no-cache
x-fb-debug: bd/tm20lE5zKQnjGOU9FknHpjwf2aAKz8V0BJmcGlaGePyNyxsABSu0UuLDaNKTGPph+DQAlMZhGBpOnLakcMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382991714781244891"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 favicon.ico
ads.giaitriwin79.us/ 188 KB
136 KB 697ms
696ms Other
image/x-icon 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dd836c5f5ce8dc93258dd3de715c780086d50054add38a53f3855f69f1a283

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:34 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Sat, 13 May 2023 07:59:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645f4367-2efac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cF4JrJmcjB3AwUI8vTdscC1iSS8Q47%2FKEQdz0bZGOTD5uQgJyQG1f9%2FgkTF1WrQdQVtGghcxNV48QhSSmmYzj%2BMUrx1gCWgqBFGRKoVhjmJEE7O90DwU9uVcifgB1P%2BHE8UghUaj"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 897550b3ca46b3c7-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 game11.gif
ads.giaitriwin79.us/images/ 139 KB
139 KB 295ms
294ms Image
image/gif 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.giaitriwin79.us/images/game11.gif?v=1.1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a959eadb0b0acf2f2bfa17ab51c36e39ec59e2a474ee95131af7370d60d02601

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:34 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Apr 2023 15:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6444040a-22afa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BcUwtz856OPgUT2JR6JfRwALN2qmITOcyo6D9qkD2kXg5sqWs1k1%2FzIyjIFWnqilRPrNGHaFT6d0ueU4oXNrmeLWGr88hEZSAWjXCRXPfLj9ma8J7RQEy868c2gb%2FIetaB7UGLK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897550b4ab76b3c7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 142074

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 86ms
82ms Fetch
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-310BTLVP2Y&gtm=45je46j0v9145017223za200zb9163984563&_p=1718986710359&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=437496773.1718986711&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718986710&sct=1&seg=0&dl=https%3A%2F%2Fads.giaitriwin79.us%2F&dt=Win79%20-%20Game%20b%C3%A0i%20%C4%91%E1%BB%95i%20th%C6%B0%E1%BB%9Fng%20v%C6%B0%E1%BB%A3t%20th%E1%BB%9Di%20%C4%91%E1%BA%A1i%20v%C3%A0%20%C4%91%E1%BA%B3ng%20c%E1%BA%A5p&en=scroll&epn.percent_scrolled=90&_et=10&tfd=7360&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-310BTLVP2Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 16:18:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ads.giaitriwin79.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 notifications.html Show response
ads.giaitriwin79.us/ 1 KB
735 B 1216ms
1216ms XHR
text/html 172.67.180.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.giaitriwin79.us/notifications.html?t=1718986716000
Requested by: Host: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/build/apphd.min.js?v=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.22
Resource Hash: 985467087e38f9a24cc53e8b432738a228d56f2bcf87590ec8de45e1682a8f5e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: e10ba57a54a2108c85b43ec39e394641
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:18:37 GMT
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.22
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5%2BN%2FnwQHdiQINRKeRYiZ0AyA64MJz1gYtfserm%2BbtRAdueFtXUBIRrAQ72yRBOxCVRwJCr5%2BLploVLoM%2B%2B0PHAwymU0u4QriCo7Z0G4v3Gcl%2BJCyfya%2BpYjoW7VN1WtT2OxQyT3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 897550c0fbebb3c7-MIA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.giaitriwin79.us
URL: https://ads.giaitriwin79.us/images/slogan-lazy.png

Domain: ipv4.closwbay9bak.org
URL: https://ipv4.closwbay9bak.org/sw/collect?aff_id=w79

Domain: ipv6.closwbay9bak.org
URL: https://ipv6.closwbay9bak.org/sw/collect?aff_id=w79

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.giaitriwin79.us/	1970-01-21 07:05:46	Name: _ga Value: GA1.1.437496773.1718986711
.giaitriwin79.us/	1970-01-21 07:05:46	Name: _ga_310BTLVP2Y Value: GS1.1.1718986710.1.0.1718986710.0.0.0
.giaitriwin79.us/	1970-01-20 23:39:22	Name: _fbp Value: fb.1.1718986711416.578013902549378858

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://ads.giaitriwin79.us/ Message: Access to XMLHttpRequest at 'https://ipv4.closwbay9bak.org/sw/collect?aff_id=w79' from origin 'https://ads.giaitriwin79.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ipv4.closwbay9bak.org/sw/collect?aff_id=w79 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ads.giaitriwin79.us/ Message: Access to XMLHttpRequest at 'https://ipv6.closwbay9bak.org/sw/collect?aff_id=w79' from origin 'https://ads.giaitriwin79.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ipv6.closwbay9bak.org/sw/collect?aff_id=w79 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.giaitriwin79.us
api.livechatinc.com
cdn.livechatinc.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
ipv4.closwbay9bak.org
ipv6.closwbay9bak.org
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
ads.giaitriwin79.us
ipv4.closwbay9bak.org
ipv6.closwbay9bak.org
104.17.25.14
157.240.241.35
172.67.180.80
23.34.59.10
23.48.224.16
2607:f8b0:4006:80d::2008
2607:f8b0:4006:816::200e
2607:f8b0:4006:820::200a
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
31.13.71.7
0050e9252d7f84b5511ef7b8452c95f2ddd67bd86264cac85c837135ae59adcb
02f38ba6e3e764ddf9925b6c5f2bb925ac5a026a0d8d4b1cd61c071dd46dc66f
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
05b76ce50c3f89e11c6a05da7f8e6aeaca56b8b6e12a19d233b5abfc0e473b7a
075aa3958cf5201a738a711338ff0e2b6304e08c804c669b5b759e00184f71e0
0cd4d34882e52b0e523b81603f29f4023d74bb09577b7011442a9d0b288c8366
0da65ca6b4acda8087afe07ff8f0aaa22c2530769a4f1bf4833f225e9d040fc3
210899e92cc814ff5541ff9b972fed39c4086dea1852fbfc32a1312c234a306e
234a3218807b3343b10bcefc9e8807811b2f4afc4073f6a7b6ae962ddc233945
23b9b39ea61308052256b9921bf1c0de6698bcf0c04e3e4f2978adc86168ff6e
242b535602d0ba7eaae4df7f53927438e856d10f68c9b6a3797e24623608806a
2525c91bbb1f6aee60bf491c874cab636bb816d7e6a8c33dd5c147f71032d4fb
25641ace577db6de1251c19c4e12112bd28a810fd57e74269ad6e9ad8def8322
3495ce79b5fb295feccdc9a2446e7062fbb4741f13b6bf81cee6f7fd3460bbde
34cf677f1033fdadd526d3dd1ba63baee6f6475b15bf5424b244efd792f485d8
35af097fde4ea4bb3f29cf4404dbca9c8442e553fe75d9545958a9be3b7bfd54
35c1c252fcd00278cbd173da5e4eee885dcd9440c7e6266a3ec4a742766dceb2
37ac9dff411f56a2b147b6c38bfed00044c6d9d4596faa74a6eaf1f986315e6d
38b242c7a9ad57fb755c38125c12585952d56bc074df78dbb90e1f007653b30e
3979d3ebdaa4217084c8174c3b597680909725abc95b48910ac6b85e03e64ef0
3981841fa986986e9900cc5713b9b8d91e2a1a30cbf4db717de29def14fba0fc
3c71624af566f3245d2ecde15a84d3fb8fe842c0a3a1928960d41e2aef024c16
3ddd801e6c93a097c1d03f0cf8d539b9ccf6416fe32075212906346a21819321
44f8bca009029e0b31456ebcddb570e07c2fdc491378442fe81c1894d8b8102a
461e7847c44d160a24ba9baf638f2ba77c204ed310917113fd7b534e681d35b9
47efdd1f42293f62d9fcca3d1d3cec1b3a264ee6db92741b7918712942f7e6a1
4d295f5d029476fcb8dd3d86619fbcb5540edf66704d042829cb1f9383776833
4da505ea6f3625e028ec59074633a63028dae9e0158a438165b0db8afd254966
520895c70e0ea933a3841c46bffd68a2ef5902c0b8ec9f981bf616fa6e299230
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
590a1d56337333409617baa753e17cce1c964a713e148d06d9211778ad6c5ca0
5973fb6f8ebb71dea93a9147d822549a4850acc42a3469c75ab4fedd6496b983
5992f5e54ed0fc66369860392f4d504733ea2cb4aae9437f6573c153d066ce19
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b
5ae8d587951166ac4364f3350d3408b81b44cb40ebb5452f2cfd85cfa8b39f68
5e29acc502d51a983b5c3b52248d56610d211e7039cb9c06eabf00cc99859415
5f50f5608be0e73b86cf1072a8ab346969ba9035882e7cf2deb073e896483c5c
5fa668e52f79d008d43cf98f8c14b6c95d8a1b7a2cf0db0a011936b9a093c1e5
66e6506f7505a0849a4580318c5f1165f3442b7cade4b3d56faf3ea63d22ebce
6721eb88c24c24246f9323a36beddfed8bdd851ed596eab913c75bbe08124021
67c49238df46e4cd4701491d1f1d97c5db48d86bf6d5dc409d3abea86cf2f664
6965a5d86fa648b2003fa95074ee42389c44defdc12027fd8c4577b3039a7ad3
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6a26a33349b41a904e2b7368f4dcf43b5eb7c6f542add82090cb4c0ecf620c33
6ab3ffacb910fdbc40e34420f8ef1bf394426a0a5fc9ea2f32b3466e268ccd75
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
772176209d43c449df429e107b27e22a3b11e627562de92d79d859c64a6c7225
81318f126e63f8658d3ec2f83a20b2854e8333212744a53701a8f100178eb1d7
8433bf03e354863e753d3dbc05855e70d2e8c8022de7e151a22914c0b3ececff
920139bd32dda0f1e985189d3cba55cd3a0ffc471f230468c83f3f55c5e2a795
9253804f4f4dc5bf00124956426c494ef97f3c9cbfe8d95ecb135309e65ffddc
92ca3f465bf99474f13921fd833ca80c1e75272c6e690fcb330c0cdd2558889a
92ed6848b795db8c2deb24a11c5e6bfecdd4ba181d27da87b0c30eb53143892d
935d7b916577c5dde41d0d19f8a368e9e1acf755551f31eca2fcc3a92e35c145
9456998da42c46e3611bdb32ae1c9902d0989e54583e00c9c2faae897a462fc5
981a5f550ed9f2f2fb3c26c9d11e071ff9b08a6a837cb8d95203da56ae45a1d7
985467087e38f9a24cc53e8b432738a228d56f2bcf87590ec8de45e1682a8f5e
99597c956bdd2d885ffacd6de716c4fdaaeb5953a601db98f30f1c2ffe164f19
9a1de51b404de14ff237f52ebe9fcb5611061f966d68a1a29ae43912e12513c0
9dcd27da04d35aa46cd178338918311818b61da20bf6ac8d41921c97ba5fb308
9e96c634ad1e5f3a500654e0b9578f714da806c8ac04f5214fcd69aed488b99d
a29fc54a07056fddf42f7c9062597cd82a3fc7089d5ef14e421a398e6af20ffc
a40dc19cf2511b2a3cb700642e9fe12f87176b3a773478a762d0323b7be36c39
a68d1309fb3cec74c013cb389d0fa1c918a840b968e09387f4a6b3a68eb0efed
a78a513c795284c49ea24f5298882f853bc8a24e4c04476170bcd192ab3083ce
a92ffe05385c4d65343693065f7a6d7dbb554bc741c9550d8634aa23ef5f610a
a959eadb0b0acf2f2bfa17ab51c36e39ec59e2a474ee95131af7370d60d02601
a99f92fe915b0ca1a1b6143c84826f4d2e7e184dc3dd8f91c9c8f4e5d8fa887b
a9dd836c5f5ce8dc93258dd3de715c780086d50054add38a53f3855f69f1a283
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca4da4e4ba38d9e94526266b7806420b2c2f2b77043479c7f93566d5876e81b
ad2b8011f959f9f083ba5d7e778fdfdd3fbb6c62c0040675be08d9793fd98630
af7d049e4a4d0f8f769cdc296833aa8bb51d35876416af0667f7406476613c3e
b1dc5fda0e36647679239e9313fde121d0d2d579977c119e2303b93c30b1650c
b51a7b102d4061a92cb0c37be955db922b95c336dedf935f26c37f2504032017
b58191e86807185aaf9aacff7f14f7bda665cc7c6b359a343a8ae20bc4b48425
b763771b6cc14414c34bad71eb61900ba16b132711b50320b88339bb2f03a798
bb5fe0c96abadf23fc4c637edfa2a5096938640246acd60455083e59c422b9bf
bc4745c49e7b36562c11318938ea23875cd8437a7cfe420fc8cd7e69bb3361b1
c069d58fd7a01544c71d35093e8fc3f6d946a94490b10a39b16b7e4ca04d2f50
c34b55cf2da67a1b940191ee2f5bf5540ac4c2098770189f62dd7a4b585f1cb9
c464fac9dfadef32c17e2eaae4a1065ba33431ccb76b1b580c0b646a3fa27ce6
c9ec0942628d3ff20e555db432cfc3a5b31e63aef544b23f081c6519bca359e8
ce4a90a5f4277cc37df4c749f440c4c407db17053e8f87d744898297591ff349
cf13ad23226567c7251a5209f79cec02f77934498ab2e5b5a24942c18ba35134
d0aed86436c0439f8d534d2ae8dcc6c7169d343aee95297ad1ee0a09288ba6c7
d3b1d1f7c45599c4f8255df6951a412c0ef6caf667dd552c8943ac4454d3a2f3
d5b927395aabcf0119f941bf3a319450f58f3a22f116959ba102a4814d8aba0c
d68c87dd14a6d930bcf636725c453c33490c083be547441149fd263be8caf2f9
d91a208d3fec58fc18e388e457a420ffcf89a59f973179ef1b4611ac9d323c93
d95436f7767d00183b0ad333c2886d86116f46a2c089346295fc5f1cbde9d7fc
db45bc7896bfe61840d5d5e8ffc8b0ff59a6386e88df91ff312cd44f7a321193
e024ceb80aad75b72044fa250422849569484454f65d0dcfbe224defaef72641
e258c4c1836df7c9688d63930e1354e1988ea281efac6338fc4378dd88e14397
e3185e7bde194446dc658e5954c97602d94f9cc05be650b20566dd52f2e5cdf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557e7bfc09a8442fcf15aa049fa912182b915bcc5fc79d10dd1a7fb9da9b124
e6ba6b202312eac1413a78f104b48982edc1cd9dd3b89b0285fd8dcea05f170a
e856597b4ded91aaa28c09a6a1863e7c17ac275708bebbc1e98d1e6205caeb6b
e91d6d55853024930f0f6881740f446be9bc2f94da22f4adcd1901c4063fad93
ebd570a2c872302de5f9797491b03634a2bca24b197e8f5cc4907db2cf3c06fc
ec28ff4890a98a2c1eb854ed9ec27038d413489b905936d95ff02559058f5e20
eccbb9672b85650b223cc2461fffa2dbb003bd9c448cd3d6380125016b5879c2
f091e1d441288ecb2e4751e9b263bc552df511fc3405d3439b93d3b4b29ddbff
f32efab3e613d54ba8a902582e4d9c71c427d40671d35b3e767b4d02c979ba74
f54cdf772b56c8f09df24d5f10edf5dfba7174acd963d7f7d75cf59471305188
f7458ea665353807b29b429e0e622531bdd4e5eeb2502a89f2c8e198c51e69b5
f77a386a01cdbcd97f66205f354fa42c3c3b88070c7792c6383c2bc9c65153ad
f89763eb455b8aa8b55d4c31ef89452f5e91cc67e7dc17b4a40e50a6052a9589
fafa1a4bd0cd3cbd2d8e07b04a74cafa68f69b0333c6b59c3bbb43fd264d27b5

ads.giaitriwin79.us Open in urlscan Pro 172.67.180.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

98 %HTTPS

45 %IPv6

9 Domains

11 Subdomains

12 IPs

2 Countries

5579 kBTransfer

6983 kBSize

3 Cookies

6 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ads.giaitriwin79.us Open in urlscan Pro
172.67.180.80 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

98 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

5579 kB
Transfer

6983 kB
Size

3
Cookies

152 HTTP transactions
0 data transactions