androidfly.com Open in urlscan Pro
2606:4700:3030::6815:47cb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Submission: On January 07 via api (January 7th 2024, 4:26:29 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 27 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3030::6815:47cb, located in United States and belongs to CLOUDFLARENET, US. The main domain is androidfly.com.
TLS certificate: Issued by GTS CA 1P5 on November 10th 2023. Valid for: 3 months.

This is the only time androidfly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:303... 2606:4700:3030::6815:47cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	103.101.163.236 103.101.163.236	131353 (NHANHOA-A...) (NHANHOA-AS-VN NhanHoa Software company)
1	151.101.66.38 151.101.66.38	54113 (FASTLY) (FASTLY)
1	2600:9000:269... 2600:9000:269b:d600:a:2e9c:6840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.212.20.240 52.212.20.240	16509 (AMAZON-02) (AMAZON-02)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	144.202.89.196 144.202.89.196	20473 (AS-CHOOPA) (AS-CHOOPA)
1	51.79.228.46 51.79.228.46	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:ea0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.59.169.245 209.59.169.245	32244 (LIQUIDWEB) (LIQUIDWEB)
1	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	103.212.121.91 103.212.121.91	135222 (MWNASHIK-...) (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd)
1	2a05:d014:776... 2a05:d014:776:a63e:931e:6ac2:944b:f27e	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::ac43:8a88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225b:5400:1:f545:d900:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3035::6815:3899	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3 17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
127	30

26 2606:4700:3030::6815:47cb (United States)

ASN13335 (CLOUDFLARENET, US)

androidfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.101.163.236 (Viet Nam)

ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN)

tourdulichhalonggiare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.38 (United States)

ASN54113 (FASTLY, US)

media-cdn.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269b:d600:a:2e9c:6840:93a1 (United States)

ASN16509 (AMAZON-02, US)

image.arrivalguides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.20.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: server1.fatpromotions.co.uk

www.travelinsured.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.globalgrasshopper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.202.89.196 (Kent, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.89.196.vultrusercontent.com

globalgrasshopper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.228.46 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: sin-02.hcservers.com

angkorfocus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ea0a (United States)

ASN13335 (CLOUDFLARENET, US)

images.pexels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.59.169.245 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.smarthealthshopforum.com

sifetbabo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

travelbabbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.212.121.91 (India)

ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN)
PTR: zest.herosite.pro

northindiatourism.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:776:a63e:931e:6ac2:944b:f27e (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

homeiswhereyourbagis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8a88 (United States)

ASN13335 (CLOUDFLARENET, US)

touristjourney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:5400:1:f545:d900:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.theculturetrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3899 (United States)

ASN13335 (CLOUDFLARENET, US)

www.indochinatravelpackages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	546 KB
26	androidfly.com androidfly.com	594 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	183 KB
13	gstatic.com p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com www.gstatic.com fonts.gstatic.com	134 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	4 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 6	881 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	258 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	14 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 770	137 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	88 KB
2	globalgrasshopper.com 1 redirects www.globalgrasshopper.com globalgrasshopper.com	61 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	244 B
1	indochinatravelpackages.com www.indochinatravelpackages.com	56 KB
1	theculturetrip.com img.theculturetrip.com — Cisco Umbrella Rank: 981422	61 KB
1	touristjourney.com touristjourney.com	613 KB
1	homeiswhereyourbagis.com homeiswhereyourbagis.com	204 KB
1	northindiatourism.com northindiatourism.com	106 KB
1	travelbabbo.com travelbabbo.com	678 KB
1	sifetbabo.com sifetbabo.com	14 KB
1	pexels.com images.pexels.com — Cisco Umbrella Rank: 65812	89 KB
1	angkorfocus.com angkorfocus.com	280 KB
1	travelinsured.co.uk www.travelinsured.co.uk	224 KB
1	arrivalguides.com image.arrivalguides.com	31 KB
1	tripadvisor.com media-cdn.tripadvisor.com — Cisco Umbrella Rank: 12293	61 KB
1	tourdulichhalonggiare.com tourdulichhalonggiare.com	464 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	92 KB
127	27

	Domain	Requested by
26	androidfly.com	androidfly.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	androidfly.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	www.gstatic.com	googleads.g.doubleclick.net
6	www.googleadservices.com	androidfly.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.facebook.com	connect.facebook.net
2	static.xx.fbcdn.net	www.facebook.com
2	fonts.gstatic.com	fonts.googleapis.com
2	p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com
2	connect.facebook.net	androidfly.com connect.facebook.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.indochinatravelpackages.com	androidfly.com
1	img.theculturetrip.com	androidfly.com
1	touristjourney.com	androidfly.com
1	homeiswhereyourbagis.com	androidfly.com
1	northindiatourism.com	androidfly.com
1	travelbabbo.com	androidfly.com
1	sifetbabo.com	androidfly.com
1	images.pexels.com	androidfly.com
1	angkorfocus.com	androidfly.com
1	globalgrasshopper.com	androidfly.com
1	www.globalgrasshopper.com	1 redirects
1	www.travelinsured.co.uk	androidfly.com
1	image.arrivalguides.com	androidfly.com
1	media-cdn.tripadvisor.com	androidfly.com
1	tourdulichhalonggiare.com	androidfly.com
1	www.googletagmanager.com	androidfly.com
127	31

This site contains no links.

Subject Issuer	Validity	Valid
androidfly.com GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tourdulichhalonggiare.com R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
media.tacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-22`	a year	crt.sh
image.arrivalguides.com Amazon RSA 2048 M01	`2023-05-18` - `2024-06-15`	a year	crt.sh
travelinsured.co.uk R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
angkorfocus.com R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
images.pexels.com E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.sifetbabo.com R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh
travelbabbo.com Cloudflare Inc ECC CA-3	`2023-03-08` - `2024-03-07`	a year	crt.sh
ftp.northindiatourism.com R3	`2023-12-16` - `2024-03-15`	3 months	crt.sh
homeiswhereyourbagis.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
touristjourney.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
image-service.theculturetrip.com Amazon RSA 2048 M02	`2023-10-28` - `2024-11-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-16` - `2024-01-14`	3 months	crt.sh
indochinatravelpackages.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Frame ID: 68A07A646D536AD44DEAD93F01BFF1A9
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: 753B97398985209445E444D17A529E8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&adk=1812271804&adf=3025194257&lmt=1704644782&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782076&bpp=3&bdt=245&idt=185&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7086655669164&frm=20&pv=2&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: 5B237C61E40178001071EBCF2217E377
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208
Frame ID: C1A6C3AEB542EA39042461DFA91F1C62
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1468745917&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782080&bpp=1&bdt=250&idt=210&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=212
Frame ID: 3679D33590C1EE523A6C0B9876801FB9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 31B082520B87CBD0A5A93DB1CB78B6C6
Requests: 2 HTTP requests in this frame

Frame: https://p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: CB29A125435F498F1723061169B20BEE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 0DC5ACC18E293F843894F83EC8CA4D3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&adk=3282774983&adf=1030347576&pi=t.aa~a.182839455~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1704644783&rafmt=1&to=qs&pwprc=8259955455&format=360x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644783333&bpp=1&bdt=1502&idt=-M&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd2e0dfd6a6cdfebf%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MbOfvMqEcLGTK-ypDnmvCgT7g8yDw&gpic=UID%3D00000d3c14206b48%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MaBre1u3CCraNCp0jhatqPLVOCxwA&prev_fmts=0x0%2C730x280%2C730x280&nras=2&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1589&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&psts=AOrYGsnoeakJG0zb9d9LhXqxo6xwoiwgyKdoAEczrXNaZ5-mfh4rce5JapqdbwRg_RaUeBGEDIzRJHRBooT2zYbp4Bh-tQ&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7
Frame ID: B97BD2E11ED244280528E9C94BDBE43C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&adk=207852320&adf=1197070778&pi=t.aa~a.2379756499~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1704644783&rafmt=1&to=qs&pwprc=8259955455&format=360x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644783333&bpp=1&bdt=1502&idt=0&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd2e0dfd6a6cdfebf%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MbOfvMqEcLGTK-ypDnmvCgT7g8yDw&gpic=UID%3D00000d3c14206b48%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MaBre1u3CCraNCp0jhatqPLVOCxwA&prev_fmts=0x0%2C730x280%2C730x280%2C360x280&nras=3&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1252&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&psts=AOrYGsnoeakJG0zb9d9LhXqxo6xwoiwgyKdoAEczrXNaZ5-mfh4rce5JapqdbwRg_RaUeBGEDIzRJHRBooT2zYbp4Bh-tQ&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9
Frame ID: C615093F7FFD39A08FA8212E0E51D766
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 82C77A0C39D66BD2BC56D7DF626AB69B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FF0EC47D0B77B283A1E21E8BA2A5B7E2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D00C6723955792BAAE28D9CBFADD0A59
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 07D5EB5C9B4064B82E1787D7AE498783
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 428F34549CC022404D15704251B48578
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B22B97D5B312DCF20196421E5852963B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 04A0A3FFE6923215D386DE016313C491
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 0E2287B3AAD0629C8742EB9FAFC1593B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/like.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c94fb86c551c8%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&href=http%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&layout=button_count&locale=vi_VN&sdk=joey
Frame ID: B8091F00A2827A968573429984384A56
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/share_button.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df391f5f593d5704%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&href=http%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&layout=button_count&locale=vi_VN&sdk=joey
Frame ID: 1C4351A39986C13B8D633F53259910CD
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/comments.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c300cd3057b5%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fandroidfly.com%2F%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&locale=vi_VN&numposts=5&sdk=joey&version=v2.11&width=
Frame ID: 01126054208A98D2C03DCBA78216CD35
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CD23D070EE4FD31CABB1A70283485F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1A45823328FFE1E6289BF0DF5C8D6BB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Title Exploring the Enchanting Beauty of Bai Chay, Ha Long A Traveler's Paradise - Vietnam

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

127
Requests

96 %
HTTPS

67 %
IPv6

27
Domains

31
Subdomains

30
IPs

6
Countries

4989 kB
Transfer

8365 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg HTTP 301
https://globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 60

https://googleads.g.doubleclick.net/pagead/adview?ai=CMz3grtCaZbzrHJ_cs8IPv5aRoAWA_MaRdYmBhZv2DoiQlJhDEAEg3eukKmCV4pCCoAegAZju6qEDyAECqQITD9A53FuyPqgDAcgDyQSqBMICT9ByXeIdifzeU1Ca-2DeRCRvKByY4WprVUvN24UnP801pXfSMmH3oMXVYHuCDyz1ddorn9du1tu67rOb2PGI6yz6SUCF_tdTziZtO7gzlsL0tSozX5XH9INv9j75bVhgxnY_CGMpKPDlcLArmjtSs5nqvMGSc2eDetiD6yRHdcbnHlz5zApZaDGQkQjmHCzMcrZ86aBK3u1vJVAkj4qc3pzP3MCt_RoDC2NA6I8pv5h87OXXRKkF8hwhlfPSPRloQPblRoQnn5eYpm1fNlNQJVDAzsIz5sfuLVmh3Ax-KF_ac2WxrAlp-CVd9W5-XK7RfquGmUkewSPKazUAHcsqQtzphQc6lJgHd6ikYGsSfaIwhZcF3Ct9omckUe51G0Z8IJ3YwUQEeJPyyRauDqShTHqjwqx79IH7biXxHtpkYDeJHMAEt7yu6NcDiAWNzc-pMpIFBAgEGAGSBQQIBRgEoAYCgAfQkZVeqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ9r4D0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliL2t_V2MuDA5oJOmh0dHBzOi8vd3d3LmRldG9tYXNvLXdhdGNoZXMuY29tL2QwMi0zNS0wOT92b3VjaGVyPXNwZWNpYWyACgHICwGiDAgqBgoErLqxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi00NjM3Nzc1Mzc0MzgyNjk5GAA&sigh=anT1xpKbFDA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_MhC36SkIHlGiPu7DnsFsrX1JGo27YclQY59elWfvGPCna2yQRffggHZhhCNyNZd10LF_uqFXPtBXhuC7dgCKUnmU5texsMzoMM8YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22121908502045368891%22,%22debug_reporting%22:true,%22destination%22:%22https://detomaso-watches.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22876263192%22],%2222%22:[%22true%22],%224%22:[%2201-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217515720148045224017%22}&andc=true

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://googleads.g.doubleclick.net/pagead/adview?ai=CoEoBrtCaZd7YHPers8IP0rKg8A3_zrX_ct6Ry5qiEvK8goHABRABIN3rpCpgleKQgqAHoAG8ob2lAsgBAakCEw_QOdxbsj6oAwHIA8sEqgTWAk_Qyx0MwMwgeMGm3zIywA0xmvqFQf3pQzbzlhObUbOs7WUBtAHpNxGrz_j0v0qBL5iCQJgKoIEcyG7blDmTIOOZ3hwSNEU-Exw1i7mL_aWt3qlYHFxPGC7kLchQ9OQ3x0qlHKPGc36H97SMYGa6UVt3BwpIwffnjYj0fNcCpetMzu12XRYU9YvhkKJIWBdGSEzot7L2fbmqvYX50-1SpqmU72-jNIbRmHWiuvHJttmagHhj5zYKOIRdnrrKJjWzdZrgXqKWkojcurJJqhefJmLbA8bdr7JqrDPNd3sUFnpNN0WuhZED1J0qEyqE7D7L_inoG4Es6W2hwvXgOJVSE4GxuQ4CqWlf4yVv2uqMO8vF6KjYgWKGX2Fc7F0LdXk_X2Qkp7MQpo7lRnzVL1bzgCIBfykI2XhLa4YK9WMKcnb_cSWmBgY8PqpY45fLIDUkP43xdo4oN8AEj_THo70EiAXd9ofGTJIFBAgEGAGSBQQIBRgEgAes3sLaAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENPcCtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYk8Df1djLgwOaCSNodHRwczovL3d3dy4xOTA1emlub3NwYWxhY2UuY29tL2VuL4AKAcgLAaIMDCoKCgisurECu7uxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi00NjM3Nzc1Mzc0MzgyNjk5GAA&sigh=vt9kiW2wtn8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_CRk0-346C1IBZ_rgVziUqLdEn-19pTGw4f71euP_Ph3YQZqZ90j6s_i10kQAnEOi8JsKuN6JArH1tb8NxQGawoNShvPbOVIzPBsYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227588421591831755984%22,%22debug_reporting%22:true,%22destination%22:%22https://1905zinospalace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22615469244%22],%2222%22:[%22true%22],%224%22:[%2201-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213899833479151371729%22}&andc=true

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 109

https://googleads.g.doubleclick.net/pagead/adview?ai=CWMkNrtCaZZ2zHbrx7OsPpJuHkA7uh56vcI_jndGJCcCNtwEQASDd66QqYJXikIKgB6ABuen4hwPIAQGoAwHIA8MEqgTVAk_QYnroYzc6zcn5bTed24ftubWqQ3GRFlCw-cPTNl__6ptYXaslMq7CnUIZ1HWOHdngmk2b8GPFACxHy8vLpO3rCOlX_e9bY5gIHP_TVjbsdbFmUNdavgM-uVsRktRou5DHhpm5uZ-G4wgYqJ6xQi6NMMF-FX3Wd0DeNPu4LPIy4gB60XZHkzvwofQuMTGQ8gZOZqtr2QksOHWs2-JxW8WrMKdFIIby2aVWbLcfPg5j7Vn9W20M57QkC-siRpq7btMHtgkb6crw6M0QwiUuHlIXRsY9r3jV3D7eofZ75SkuU_pbzbYiEmydHn74UjnV-mEdbpZY7OhlEHNh2uO8bWQA0pduOiJVnlKBOfAXJ5Aqn4Y2SWysv0mT1FbBgQLLkF1DbJH-PeJAQ6uJ6tF26hszqYcyjpb1Kn-jCNgwqXgnmeKdJSlzUO1H08gdDg1tZjfh9tfrwAS34cLrjAKIBYC90sIGkgUECAQYAZIFBAgFGASgBlGAB6-Wh3ioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDXuATSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJGR39XYy4MDmgkqaHR0cDovL3VwcmlzZXRyYXZlbC5jb20vdG91cnMvZ2hhbmEtdG91cnMvgAoByAsBogwIKgYKBKy6sQLYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDYzNzc3NTM3NDM4MjY5ORgA&sigh=DKKIouALOt0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_bjX0eJLZBxpngeqWVdemlredYGY-piFEt1QMuE6b_NzEg-GyoCc-Wrze_o6BMK1_ECDaaWChWgC4_r5YkBtsC1p0m7uK2p_Ym0gYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223487285709741259223%22,%22debug_reporting%22:true,%22destination%22:%22https://uprisetravel.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22821966009%22],%2222%22:[%22true%22],%224%22:[%2201-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227839100517795986801%22}&andc=true

127 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html Show response
androidfly.com/vietnam/ 55 KB
11 KB 484ms
430ms Document
text/html 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd5e9727bb6efe4b3c8e14f7bcd707bc47ca5f9f143f5c75270e642716de07c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 841d8fdbcfa5922f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 16:26:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f87fRuyzG76tzQl9hR8QS4qOIU5B7EmcNMKXhT180xonySRckEl21HKFk0lRctg1pW82PI4dsec0sKx9wvlmiKDGZvRTffF48LJRBHihH7tDJT0OVrRe7IgdR7zUtUu8kIfUD1DCh6Gymh6BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 global.css
androidfly.com/skins/default/css/ 7 KB
2 KB 17ms
13ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/default/css/global.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67352a9258fb5621269f16f8a7f1d7da0ffbdfbee3790752f6a2fdd8c3de9825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Sep 2015 05:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"1ac9-5208b9e4de000-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJUVqYvo5wp%2BVkRHTEyIBB8zVk%2FhZEyib0dfgax6XW2v%2BW%2FgrZGCJLCg1nymzmo18%2FNTKwtC%2F5EvZeOIlydauC5czz2ALi%2B7ISTWvW9uoSceUbtifs8BaVF33sUDG5dJBx2TT%2Fqkxw%2Fj1%2B0J5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde7950922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
androidfly.com/skins/default/css/ 503 B
558 B 21ms
17ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/default/css/style.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2806f206b2660cc644bc15ef42e131015cf0ea786b81a06195083374d7d60ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Feb 2015 10:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"1f7-50ea53d09d300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y67OUgY9sK3GWBukABPB3pCzceiYtNcU71VH0HjWbBSj2amDixdKQvq4u5eWsthTgP%2FOkf40rBuBWheoDeAuds%2BCpCZIQiLohSnlZSr2up18Td487rhpvmbDLnWcXCsWLpPdSV1Ns9ofhCNQzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde7952922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
androidfly.com/skins/news/css/ 2 KB
1 KB 22ms
19ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/style.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765ea96d5d11be769cf8364b3df56f5dd920b421d75155dab6d5d838a9ced529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Aug 2018 15:31:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"8b2-573f3b75b1480-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMYYNOccdk3QGk8n9EkyOx4gmv%2BGKKN4Qny0aJ5u%2B84Bprsrmo648lTcCxdejF7Kq%2BHEGWRxztpZCE%2FtPWE27%2FzifWyuv7P%2Fqe1KOt5KzH6o4hAsnIWm2bf%2FMUbaKyqbbd9Q8Xri%2BG5C0grBww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde7953922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
androidfly.com/packages/core/includes/js/ 2 KB
1 KB 19ms
15ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/packages/core/includes/js/cookie.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d84768c516f12a49da48f88cf42d278d188c3f79df4f3b52e21dba576ff54049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Mar 2014 07:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"998-4f5e258cbae00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rW9IviXsu7k6a4gjck5h%2FXhYagFI%2BVUiN9vjczwYW6Zeo92EPyDECvGxn82pyVyASovGMycvf4qRafPyInEpi37rA8mwq0eAs0MtHukyB6mIwCy1yJ98TKXsNBf%2FBP8jfH9M3JvR3PGyVfyYew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fde7954922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-1.7.min.js Show response
androidfly.com/packages/core/includes/js/jquery/ 92 KB
34 KB 24ms
21ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/packages/core/includes/js/jquery/jquery-1.7.min.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jun 2013 22:28:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"16f44-4e01628b9a500-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vshqp0MUWcYaSmo1Lt21fzZwRhrMgW5XY4uDcPCCduCDAPWJekL3TjeiwQVAqwIRD4LtKYBHImFou3mG8UTmtU3fWCwAr7I3C0Jgi6091IV61XgC1WhASmiSzu1Rt1ycCF39HuP2EBjGtbBc%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fde7955922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-ui-1.9.2.custom.min.js Show response
androidfly.com/packages/core/includes/js/jquery/ 232 KB
63 KB 33ms
30ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/packages/core/includes/js/jquery/jquery-ui-1.9.2.custom.min.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013d958045ceb7dd26a259de01b1016ee47b9fbc8e884c56b7ed9573ac042c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Nov 2013 04:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"3a0ea-4eab6b8e7f780-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAl8OMXIndaTAG3Lvy5eHZzkNLzArWiSFJrcAcU3czkS1AOh7UGFli9O%2FiOdlUQB5%2FwAbFXYylltle2xAjpLdZ5eaNFdu%2FzeMI74PAYpIMXBRuyGigBlegSrY8SIdrJX7UXCTIPtYqFKOeRjIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fde7956922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 common.js Show response
androidfly.com/packages/core/includes/js/ 11 KB
4 KB 45ms
42ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/packages/core/includes/js/common.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f81e62d2930815d56b52bcd66e8591698d5bc7d2331c952dff5d789bf38775f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2017 03:49:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"2c7e-561220c23ac00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjEl8XwZy8CCjiQBBtSBFRBbIo4WZYt%2BLoBKpKGC3XgbbTgFUXzZ7znMP2%2BqrGUzN0oYga34mkhmLpr2lr%2BdWDkJ4Up3WXZRplmlaiF4TOYhZKob0FjUa2llCmEikx%2BvlnTYLrOdxgPX6P8JoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fdea97e922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-ui-1.9.2.custom.css
androidfly.com/skins/default/css/jquery/ 26 KB
5 KB 19ms
16ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/default/css/jquery/jquery-ui-1.9.2.custom.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50bd0f708512076e7d0fb769280d25c40b21fb7e418aa59fb1950d7a6e3547bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Dec 2014 06:44:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"6690-5097267af0b80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oq3UKYV1v%2BAsjf6yHk7B0qOG7bRTrMQ29wO6R32tW17y5ezVdjaFv7HG1SyuYJask9euZCsRgEOGHaUTac4aVQ%2FxzhNR%2BFIbmTnVoeTGbwy8vyVQsINToQBjQrNDHrLdYbk82UWSNUmXs2DeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde8958922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.css
androidfly.com/skins/default/font/css/ 30 KB
6 KB 21ms
18ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/default/font/css/font-awesome.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a462da7bd355856fd2b98cef1e3b57e43743a4b8e9fac3d8136b8fcdd862da17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Jun 2015 21:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"7856-517cbb5f3b180-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YjKsHMCEpUCRAkfDcuTWGVUWBYINP9KcganujH7id1UwIfvAet%2BZB5ku2EW8Ur1m8oaGXaI1JCoGhtkYUp5sa35IXAMSqqRS%2B2s%2FBN%2Bd8X1%2BsLM6gWGFTN44S3E9HM0J8yf2lJXsmK62x5Z3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde8959922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 admin.js Show response
androidfly.com/packages/core/includes/js/ 3 KB
1 KB 43ms
40ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/packages/core/includes/js/admin.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbbb44b73eb4c11f052ca3d8b9935c80b5b37eca165048c402c5413d126b93df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jan 2015 10:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"ac2-50c0d3bfb8200-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl7NH%2ByPSIULogd3qjoFFHiwirG6R3Jx9P%2BTwbVwjVIUKeGgJsbsOoZcA8tBSHk9Q%2BZMksUaPQTxtucwX2pXRu2SGFEpAP7guTfDb8CYKXSizgeRZgZlI9bMbgLUc5Kx2Lx9HfBuFhfhN3q%2Bpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fdea97f922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lib.js Show response
androidfly.com/skins/default/js/ 3 KB
1 KB 42ms
39ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/default/js/lib.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aff31ea304b7bc3012737681c0ac2a83f8b0712c6d901ba8572e8b1d862aade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Jun 2015 22:07:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"da7-517cc86546b80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtpNOCYLwqfsH6b2aYFk3x%2BmTxpFI5cjabWxgifdeG1mTaduYgB6vF60zgrYNZBSss%2BZjtqIlzUjFv4Eq78HEhOl%2FzAYLofkHCQWZ9VkE5hc8cBxKNyQszotvlWp68QDV5iSjDR4kJ2sqnS%2F%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fdea980922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 slick.css
androidfly.com/skins/news/plugins/slick/ 4 KB
1 KB 17ms
14ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/plugins/slick/slick.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d164a71e13ac98acf5e89d5641152835322b4e784a7e0e9dd1c4cbba3724d0a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Aug 2018 15:13:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"fc4-572d9d7782c00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dse%2FQN6hNNpo8vO2ZXg2d5RMTj1IpnLkM8iJdnWfeNLWh2tGPzF7SFL26uSqmceieXu5CO79uHYzR%2B%2FuqwK4bgt5j6VyzidNMnfwJWuNEzHyAWDFlaW7CbNUVhQoM%2FYzrnhi%2BIy3xHdGSPTPiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde895b922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 slick.js Show response
androidfly.com/skins/news/plugins/slick/ 69 KB
13 KB 46ms
44ms Script
application/javascript 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/plugins/slick/slick.js
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57d77c8ca1ef7313363b200848555760678e8e85cf356248f5c67180212022c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2015 05:35:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"11282-512df6d0b0900-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIYEmoiTYeikhQoiuTNoUb0zJCa%2FROidBIDtIgGymnK4mWgLWD2ZCfNNJMzv0muPBhm87sYnEoGpEIT4jwW6q%2FLiKNQ0mtoerP9l8hvgYNEIo%2FF4TaAZV6UyDG52TeZdZJMYyVGbt5G0d%2FbMfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 841d8fdea982922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
androidfly.com/skins/news/bootstrap/css/ 98 KB
17 KB 21ms
19ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/bootstrap/css/bootstrap.min.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b7cdab5aad34832dbfe90f95a7382ac78d908c69db19a4af7f5e477928c2999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Sep 2020 15:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"1867c-5aef6dea38700-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPaez56DrMFQmmikK5C2ujIXYWFRzDuG%2Bv7fo2NwOnJQHyewPR1uZ2cPoyTMviHaeQIHb9gowkwOeu4r8fujGWs9dMl2%2Fv00woE3MjdrhE2CmSd4jpcTcMwv6ZxNeQnElPU%2Br2mvyLQs3ssttg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fde895c922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 banner.css
androidfly.com/skins/news/css/ 92 KB
20 KB 40ms
38ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/banner.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ea8f5397b5d2dc5e0524f24c68130d0fa926d87df7ed18632e7845d643719f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Sep 2020 14:08:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"16ec8-5aef61b31f540-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpJY9gHeqFRwLzO2X2TXbzIJL3InpJCq20lhsVuGyp7P9Ybel1InH3BZMmBtx5M7uRadoJW7nBGd8yJSuYI34uttsDLs1KBXTvsDiYR3VLYA7ZXrmBT25UdZf7DvcYyz1ffUNqM5pYObbg8mIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fdea973922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 path.css
androidfly.com/skins/news/css/ 0
346 B 43ms
42ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/path.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Dec 2017 16:51:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: "0-56141182e2880"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHJ%2BsMUnL1ca6nKyRx3G6WoZh%2BvO1NC%2B2AbyL1%2B%2BSpw71gJHftb8bh%2FUh7Jg3GOVgAVmevy2wUUtFnRSpEx4%2Fx1qEQKZwksCUvIms4Fq%2BDNrsMLHkCPk9aUnSQI2aRIrswqh2SskqDXmXbxbXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 841d8fdea974922f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 extra.css
androidfly.com/skins/news/css/ 6 KB
1 KB 40ms
39ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/extra.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0d1f1a280871e7e80f10bd671248ff3ec035c48382919092297736d5d0bb9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2017 08:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"191b-54b2579452100-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lebx1WWA456w2rjAiBww9KEDpIDUB2DyIS4Tx9U1t1sBgim2kROfE0DHhgpZyoHAVWO2tvvNc8A9rtInEC3ojOM%2Bki2V84Uoxw4R3%2F%2F0Jx8aa7hdzMBOppprjXJEmbgt%2BQE%2B0HEUskLHZrRWJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fdea975922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
androidfly.com/skins/news/templates/Advertisment/skins/default/ 310 B
450 B 45ms
43ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/templates/Advertisment/skins/default/style.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3aaf9fc29938e4721f3800ba5c6f4abeacf1401acd5b8c24950f8c69b2d150d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Nov 2013 04:20:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"136-4eab6d0a0f700-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49pQejAYsCmIz5IZ59OKd2qzgflgkYepSnPJmDV56JM5%2BBLjeoEbuQcoVrKLjapJAegJRSkmLR%2BU%2FDt4WZOfXc51BAAlaKGH5%2B%2BPw%2BJPUxn7zeyRckwroYKpjOp1mmiTqlJiQTLu0uqpuAEIkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fdea977922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 news.css
androidfly.com/skins/news/css/ 79 KB
15 KB 47ms
46ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/news.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 286450fd86f5586c8880a42ed803326da595f169bf305c09235ce596e5990e2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Aug 2018 15:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"13af3-574a912027800-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqop1hEyuHE0FwWngdWi9rubxhBFxeTlAPPtyuA9eLkVTH9OG3RuykHlhuG5GmK3z7O%2B4v6BjBW7cNXD0nvnHBjLdKbU%2FiBq2n3J1rv%2FdmuJkq3UK2Qu4yHn1zGSeUmA4cH4mbJKbD13YsEWVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fdea97b922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 contact.css
androidfly.com/skins/news/css/ 4 KB
1 KB 38ms
37ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/contact.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa60f55d0e1e9e9a21c74fb338db50d8befccd2e6b95621cd342abc88749d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Aug 2018 08:02:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"fb5-573c53797cc80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v13NSGAiyneD90fI1Aa%2FbE3ZA1%2B2GmFAiH3kBLC%2F%2F9lN4SyqIaVezaXBJMQFC2pztHYFOCFL%2B9YTnwc8jBiN0rQ8K9aLOeU6rAADn%2FbV8Dltty%2B%2BaPhIeQrbTWdbCo9nL8SidKCn2cThFQwyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fdea97c922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R47QC7DB6V

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8f9015b4e76948492f6cfe69a66206678474065d0ba791ad3b6966c63060436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jan 2024 16:26:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 80ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4637775374382699

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d08bb9cc9ffedbd8d43b9ac65932e5f6b45c5df12a561887c87119a86f55171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Origin: https://androidfly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51473
x-xss-protection: 0
server: cafe
etag: 15142273924996029171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:21 GMT

GET
H2 200 logo.png
androidfly.com/upload/news/icon//46.2019/ 22 KB
22 KB 42ms
41ms Image
image/png 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://androidfly.com/upload/news/icon//46.2019/logo.png
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 621341a96156c4446e0c5d1e09d665dbbffe014a541d66766acf7f5ea65a33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2019 08:51:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5348
etag: "5656-5974a9514bd72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdOivz8%2F14DIlnrnek9q9lhZxx%2FgBsYkQnYcH8ziZ2Gxcarg%2FA1aQjzd5XP6suy%2FN%2FBQBY9oYwOhIs9Si0BPdWZa17xjeRvirSZJ7aKByGlDFYzHsajn1xAC%2F7xfbccUB7jbstfwK3vV1%2FHb9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 841d8fdea984922f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22102

GET
H2 200 Bai-Bien-ha-long.jpeg
tourdulichhalonggiare.com/wp-content/uploads/2020/04/ 460 KB
464 KB 2621ms
195ms Image
image/jpeg 103.101.163.236
NHANHOA-AS-VN Nha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tourdulichhalonggiare.com/wp-content/uploads/2020/04/Bai-Bien-ha-long.jpeg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.101.163.236 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 23f8d893cf04d599f581087623ac1f1a21f346817f177da41b184a480da3ca53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:24 GMT
last-modified: Fri, 03 Apr 2020 02:31:51 GMT
server: Apache/2
accept-ranges: bytes
etag: "73117-5a259b846f3c0"
content-length: 471319
content-type: image/jpeg

GET
H2 200 caption.jpg
media-cdn.tripadvisor.com/media/photo-s/1b/5d/51/50/ 61 KB
61 KB 76ms
8ms Image
image/jpeg 151.101.66.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-s/1b/5d/51/50/caption.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 69e15fcb6bd7600dab7700e5e6941d7b28b59abad78d57b2e7b820a929513ef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 97354520
age: 375518
x-cache: HIT, HIT
content-length: 62579
x-served-by: cache-iad-kjyo7100156-IAD, cache-fra-etou8220054-FRA
last-modified: Sun, 31 May 2020 10:52:39 GMT
x-timer: S1704644782.953013,VS0,VE2
etag: "cb022bfc3e6568e02bc1c37bcc9a4680"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 13, 1

GET
H2 200 c18767847e3b4caa9d8a6d94b82d3698.jpg
image.arrivalguides.com/415x300/03/ 30 KB
31 KB 226ms
136ms Image
image/jpg 2600:9000:269b:d600:a:2e9c:6840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.arrivalguides.com/415x300/03/c18767847e3b4caa9d8a6d94b82d3698.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269b:d600:a:2e9c:6840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fea414456bef6c71f28e47040668585f17f07bf5ab76c9511a14317422e46514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
via: 1.1 0a2c7c875f8793c5e59592c87bbf97ea.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 12:50:22 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P6
etag: "1879d71e3557042007624c2f3aca283d"
x-cache: RefreshHit from cloudfront
content-type: image/jpg
content-length: 31086
x-amz-cf-id: lU9nWx2DmzOUweNY_sxM_FM0N8ORQg5SUOpH5RbEKE5KVTQxPBiCIg==

GET
H2 200 saphan-bhumibol.jpg
www.travelinsured.co.uk/shopimages/ 223 KB
224 KB 255ms
58ms Image
image/jpeg 52.212.20.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelinsured.co.uk/shopimages/saphan-bhumibol.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.20.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: server1.fatpromotions.co.uk
Software: nginx / PleskLin
Resource Hash: 6007b2a39424fc3418bf30ffb01ebe6ba9974acd5e5582b8a5a98d9ae621fc36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:22 GMT
last-modified: Wed, 08 Apr 2020 11:08:48 GMT
server: nginx
etag: "5e8db0c0-37d88"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228744
expires: Tue, 06 Feb 2024 16:26:22 GMT

GET
H2

200

Attuya.jpg
globalgrasshopper.com/wp-content/uploads/2010/05/
Redirect Chain

https://www.globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg
https://globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg

60 KB
60 KB

495ms
152ms

Image
image/jpeg

144.202.89.196
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Server: 144.202.89.196 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.89.196.vultrusercontent.com
Software: nginx /
Resource Hash: 1a6a957f0f98db4f975cd20c340d4ffc080d5b0f09f23fab2a8f0e4f372a6bc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:22 GMT
last-modified: Mon, 04 Jul 2022 20:09:05 GMT
server: nginx
etag: "62c348e1-ef79"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 61305

Redirect headers

date: Sun, 07 Jan 2024 16:26:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG9lICeRF8LVtNx6RJduSTnoyDkbz463ObJovAMFM%2BUfaO%2BwEHqSvHDtINKHlA%2F3%2BcNzuvSLp9sNdWswbvuhbFRXaiHSAu%2BEVAsZ2NDlzNZzXQEnyyzoJ9kdmmad%2BEaj3BxjGxUYJxRwBLTdQ89sGQGKiQreG%2B0w"}],"group":"cf-nel","max_age":604800}
location: https://globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg
cache-control: max-age=3600
cf-ray: 841d8fdf28694db1-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jan 2024 17:26:21 GMT

GET
H2 200 Thumb-1-day-angkor-discovery-tour-.jpg
angkorfocus.com/backoffice/uploads/thumbs/ 280 KB
280 KB 931ms
346ms Image
image/jpeg 51.79.228.46
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://angkorfocus.com/backoffice/uploads/thumbs/Thumb-1-day-angkor-discovery-tour-.jpg

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.79.228.46 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

sin-02.hcservers.com

Software

Apache /

Resource Hash

f107d3ffba0b9ba6cfe2d40e6700723c3b6ac18c5dd799b5dda7aa71eb13fd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Feb 2019 08:58:46 GMT
server: Apache
etag: "45fa3-5814a0ccedd80"
content-type: image/jpeg
accept-ranges: bytes
content-length: 286627

GET
H2 200 pexels-photo-4502064.jpeg
images.pexels.com/photos/4502064/ 88 KB
89 KB 44ms
18ms Image
image/jpeg 2606:4700::6810:ea0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.pexels.com/photos/4502064/pexels-photo-4502064.jpeg?auto=compress&cs=tinysrgb&fit=crop&w=1000&h=500

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ea0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f89522c0127658cc61f55f4d009ae529c0b03bbec3ba0e1d4c6e9768afb67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1958773
cf-polished: status=not_needed
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: 8626ffa3a5ff780d970fb0e4538544022162dc31
alt-svc: h3=":443"; ma=86400
content-length: 89917
x-served-by: cache-sjc1000091-SJC, cache-fra-eddf8230127-FRA
x-imgix-render-farm: 01.140328
cf-bgj: imgq:85,h2pri
last-modified: Thu, 14 Dec 2023 13:27:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841d8fdf081bbbe3-FRA
expires: Mon, 06 Jan 2025 16:26:21 GMT

GET
H/1.1 200
OK unnamed-4.webp
sifetbabo.com/wp-content/uploads/2023/05/ 13 KB
14 KB 837ms
233ms Image
image/webp 209.59.169.245
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sifetbabo.com/wp-content/uploads/2023/05/unnamed-4.webp
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.59.169.245 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.smarthealthshopforum.com
Software: nginx /
Resource Hash: 7a565302a3a3f3aa7b77d849fe10429f56f745ed32e62d04646127a134607b88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 16:26:22 GMT
last-modified: Mon, 22 May 2023 06:32:21 GMT
Server: nginx
vary: User-Agent,User-Agent
Content-Type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13682
expires: Sun, 14 Jan 2024 16:26:22 GMT

GET
H2 200 IMG_0533-1.jpg
travelbabbo.com/wp-content/uploads/2015/05/ 676 KB
678 KB 45ms
16ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travelbabbo.com/wp-content/uploads/2015/05/IMG_0533-1.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b6422a1abd73d3b9a39e2275f2b214a56f46f65f9c50dc3d417ba399620d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
cf-cache-status: HIT
age: 858453
cf-polished: origSize=787241
alt-svc: h3=":443"; ma=86400
content-length: 692645
cf-bgj: imgq:100,h2pri
last-modified: Thu, 25 Aug 2016 20:57:22 GMT
server: cloudflare
etag: "57bf5bb2-c0329"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841d8fdf2b072c1c-FRA

GET
H2 200 167411980jaipur_6.jpg
northindiatourism.com/admin/package/ 105 KB
106 KB 1167ms
117ms Image
image/jpeg 103.212.121.91
MWNASHIK-AS Miles...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://northindiatourism.com/admin/package/167411980jaipur_6.jpg

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.212.121.91 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN),

Reverse DNS

zest.herosite.pro

Software

LiteSpeed /

Resource Hash

f58a1be0f1c0b9d1eced192f063e5f373de62b956c312a6dbd77ac7cb45432bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 18 Aug 2021 03:22:36 GMT
server: LiteSpeed
etag: "1a56e-611c7cfc-8f783f1e501fa364;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 107886
expires: Sun, 14 Jan 2024 16:26:23 GMT

GET
H2 200 artikelbild-laos-video.jpg
homeiswhereyourbagis.com/wp-content/uploads/2018/08/ 203 KB
204 KB 62ms
38ms Image
image/webp 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://homeiswhereyourbagis.com/wp-content/uploads/2018/08/artikelbild-laos-video.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 558077985dce606f1f70ca06a419a12e7553de48497d3d6b593b6d7efe593667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;323ea9dabdb3796c755f613de83ce77c;2-373135-81;493ef1f3-15d9-4bd9-5920-412d884906be
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-ezoic-excludewebp: false
response: 200
last-modified: Tue, 21 Aug 2018 12:29:20 GMT
server: Apache
x-ez-proxy-out: true 2.4
etag: "4565d-573f12ce393af-gzip"
x-origin-cache-control
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 India-travel-1-2048x1360.jpg
touristjourney.com/wp-content/uploads/2020/08/ 612 KB
613 KB 91ms
31ms Image
image/jpeg 2606:4700:3030::ac43:8a88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touristjourney.com/wp-content/uploads/2020/08/India-travel-1-2048x1360.jpg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dda99e87ecde9a2aa99339bf08a9834a4d4bd3f0269e901cbce18034fde23455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1909038
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400
content-length: 626371
last-modified: Mon, 26 Apr 2021 10:53:18 GMT
server: cloudflare
etag: "60869b9e-98ec3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQnNQ6Aq6WCksFGhH9hUQydh0n1VYEarZxpanzdX84RYgtP1i5qFjb7uuRBKeDlsbp9qrct56et6%2F2ZwQIb%2BGArQFTNAKe5ghsRSmrS2rzWzfW%2FS7hIMRhFpEcQGCQJyNAfizDc6cRi0kiYJ531JGvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 841d8fdf9df43c9b-CDG
expires: Sun, 15 Dec 2024 14:09:04 GMT

GET
H2 200 h8xad4.jpg
img.theculturetrip.com/450x/smart/wp-content/uploads/2020/03/ 61 KB
61 KB 103ms
15ms Image
image/webp 2600:9000:225b:5400:1:f545:d900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.theculturetrip.com/450x/smart/wp-content/uploads/2020/03/h8xad4.jpg

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:5400:1:f545:d900:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1173cab76c151842c2500cdad0794dc333b06afa486941b23656b58c045fcfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:34:54 GMT
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
age: 2008288
etag: "77bf0d68b3f1607c831e66ad19f6eb894b76d69d"
vary: Accept, Origin
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=15552000
content-length: 62124
x-amz-cf-id: WiOtnYd2srZ7twtJl4zYxLNk_Rm2_4JE7wYQGo5H5ReSI0UA5LVDJw==
expires: Sat, 14 Dec 2024 10:34:54 GMT

GET
H2 200 fonts.css
androidfly.com/skins/news/css/ 1 KB
614 B 22ms
22ms Stylesheet
text/css 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/css/fonts.css
Requested by: Host: androidfly.com
URL: https://androidfly.com/skins/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29287bc9a0656f3896c331347c557f71e42a7b7d40eaee1d67041c566f46d6fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/skins/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Aug 2018 14:27:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5349
etag: W/"4d1-5736600de9980-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXN7QQcjRD7PjKEqFmRYerh73R2XEcbsJmDL5gqGddz%2Bf%2BW4Z8cZ7qB4%2ByznRItUtl4IKqq81nNyeBLYIA5GxDyeeLuLQ3rr779BpvlpTatieVC7ZxE7q7wsPjj3DvQECtyqjamTs%2BK%2F1k52ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 841d8fdea987922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
3 KB 23ms
10ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d51797fdb7fec8a16a8779b7491eadbe3a7bb2f93d4ba82524ec4c24c7817b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 16:26:21 GMT
content-md5: MP6X3Sp8L20T+64n2Ku8Lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: OFf4AuQEkgD7PUesjYMiJEoY75UOzXRv10qaLMIzJeO/ccE5gxz8yHFtjDxsKwsIJJde+mE/ToEYYeW5KThNiQ==
x-fb-content-md5: 2deadbeb66a31d1648e67dbb0cda56c9
cross-origin-opener-policy: same-origin-allow-popups
etag: "8d012744f2c5b315113be90368a666e6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:32:02 GMT

GET
H2 200 Yen-Tu-Pagoda-600x400.jpeg
www.indochinatravelpackages.com/wp-content/uploads/2015/06/ 55 KB
56 KB 567ms
187ms Image
image/jpeg 2606:4700:3035::6815:3899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.indochinatravelpackages.com/wp-content/uploads/2015/06/Yen-Tu-Pagoda-600x400.jpeg
Requested by: Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a2182cdbd48668fe27cbaf5c1bcb8ff1636799c02a9ab86042c364868dca41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95842
alt-svc: h3=":443"; ma=86400
content-length: 56287
last-modified: Fri, 19 Jun 2015 03:31:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vv7yfoTj6%2BPB1NexZP6DErycvc8ZnKGZ0TrZwkXxE16Q6MpB%2BEzLzPMocDsgWsw7MgQSzsG4LcTMiGl%2FNdbRwT49Fw5oMovq%2FBww7PoHVJqrjfDxKA3VVo7Afd76n6ZF26aGIeOPPyPkikyxMnkjmrI0AFzaQbUoRyXETAc4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841d8fe22f2791a5-SIN
expires: Sat, 13 Jan 2024 13:49:00 GMT

GET
H3 200 Roboto-Medium.ttf
androidfly.com/skins/news/fonts/roboto/ 157 KB
158 KB 30ms
29ms Font
application/x-font-ttf 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/fonts/roboto/Roboto-Medium.ttf
Requested by: Host: androidfly.com
URL: https://androidfly.com/skins/news/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02868d6a7e80d4e7836b6263dd50d26a63e923a1223c9e027aad6dc2501c27cc

Request headers

Referer: https://androidfly.com/skins/news/css/fonts.css
Origin: https://androidfly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2011 15:16:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2309
etag: W/"273b8-4b2ccfe65ce80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFGSbTYtgWCTl9qB7PfVttHU2JXDT8MqDbY6p8JC7%2BrETGGINIl5FI9NOaS5nGmjBXAOtQq0KpCeRLhKk1iFysT0i8%2BzIieZ6%2Bt4VPdfvs36F9Nwd%2B70NbRxMjBgRhi4rLmaeL3vWAbETMhXgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=14400
cf-ray: 841d8fdefe16f180-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
androidfly.com/skins/default/font/fonts/ 55 KB
56 KB 90ms
90ms Font
application/octet-stream 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/default/font/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: androidfly.com
URL: https://androidfly.com/skins/default/font/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://androidfly.com/skins/default/font/css/font-awesome.css
Origin: https://androidfly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Jan 2015 06:52:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2309
etag: W/"ddcc-50d381dbfec00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtx7w8jvuIDY%2BsK1WGHr4YsvXtIExA8PH6kV%2FbjyGgVJAkmsgOOfspwHHuRQxdUPW3R5xhuUu%2BmL8pkhguvKrd83LxAT%2BS8OyJJDMQrO8LnlpkTaGmr22tM33oDMEi1I15q07CPwnSzRyAmPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 841d8fdefe1ef180-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 Roboto-BoldCondensed.ttf
androidfly.com/skins/news/fonts/roboto/ 158 KB
158 KB 92ms
92ms Font
application/x-font-ttf 2606:4700:3030::6815:47cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://androidfly.com/skins/news/fonts/roboto/Roboto-BoldCondensed.ttf
Requested by: Host: androidfly.com
URL: https://androidfly.com/skins/news/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9245c0246a9c745793c7eaa9cc1fc964a12570009031ea0223115bec6e9426

Request headers

Referer: https://androidfly.com/skins/news/css/fonts.css
Origin: https://androidfly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:21 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2011 15:16:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2309
etag: W/"2761c-4b2ccfe474a00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfSB84OPNHO%2F5ANPUF9POTt8FDBBqOryd15v%2B02t3%2B0%2BxT8ZL%2FXixF737qy1muhAJqeKBYV%2BMbSKp386XtLeCEDY7wcGbQyxdle%2F%2BVWfLiYkEZn8NJ2AvgaclB8JzizbimMAMipYA%2BHVCW83sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=14400
cf-ray: 841d8fdefe21f180-CDG
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 51ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R47QC7DB6V&gtm=45je4130v9138608497&_p=1704644781901&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1545642016.1704644782&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704644781&sct=1&seg=0&dl=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&dt=Title%20Exploring%20the%20Enchanting%20Beauty%20of%20Bai%20Chay%2C%20Ha%20Long%20A%20Traveler%27s%20Paradise%20-%20Vietnam&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=663
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R47QC7DB6V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 16:26:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidfly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/vi_VN/ 297 KB
85 KB 15ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=ab88ab1c3c5ab63856a370d4a07e22cd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efcdbfda7a4486e760baf34c66f031a186c0c569833e3af457e8694a273d12ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://androidfly.com/
Origin: https://androidfly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 16:26:22 GMT
content-md5: RlVpaYQy5y/+cu09uf9FLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86996
reporting-endpoints
x-fb-debug: LH35R+bLDXQULkAZfFOQ8w42PmUYCDj+VA7DpmJauESHf0T6l8xxapr++UXJuRNK4tvlG/17DYTnkq+HzTOEMQ==
x-fb-content-md5: 06460ff42ca4fc275c7fa522c210dbbf
cross-origin-opener-policy: same-origin-allow-popups
etag: "76e4a876791e2b5388159298afe20adf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Jan 2025 15:51:11 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 95ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4637775374382699&plah=androidfly.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4637775374382699

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bea81766fd646e0840f2855f8dcb5e9e61b1ab502923513cde89dfb6a456b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139435
x-xss-protection: 0
server: cafe
etag: 16580549511268331550
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame 753B 9 KB
4 KB 27ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4637775374382699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 03:05:36 GMT
etag: 9219409622527106327
expires: Sun, 21 Jan 2024 03:05:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B23 397 KB
85 KB 971ms
970ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&adk=1812271804&adf=3025194257&lmt=1704644782&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782076&bpp=3&bdt=245&idt=185&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7086655669164&frm=20&pv=2&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4637775374382699&plah=androidfly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb3306811c84bc0f4404d77a5e0e663ae91c910d0154cd54bfb56c6129656bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86912
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
expires: Sun, 07 Jan 2024 16:26:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1A6 129 KB
43 KB 1007ms
1007ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e452e7702bc8e601dc3607cd3286aa1b06f6dacc9fce76148bd4677dc3746ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43575
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
expires: Sun, 07 Jan 2024 16:26:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3679 118 KB
41 KB 628ms
628ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1468745917&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782080&bpp=1&bdt=250&idt=210&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=212

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74b6321b8ac516cf94a7dac1d525969572f08bb23947205b8ab1f2804234127c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41870
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:22 GMT
expires: Sun, 07 Jan 2024 16:26:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9814204942924879925
tpc.googlesyndication.com/daca_images/simgad/ Frame 3679 80 KB
81 KB 41ms
13ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9814204942924879925

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1468745917&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782080&bpp=1&bdt=250&idt=210&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba15d398154c0ebee11afa06206c1be1b8a38da758c23e6b4d964d34b4cc99be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 16:31:42 GMT
date: Thu, 04 Jan 2024 16:31:42 GMT
x-content-type-options: nosniff
age: 258880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82235
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 19:17:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 3679 23 KB
9 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31B0 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1468745917&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782080&bpp=1&bdt=250&idt=210&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=212
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 15:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CB29 247 B
870 B 50ms
15ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

50883536282ad464f54d3b42d09e7df63b1f13f886d58811af83f81055ceb225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-4CZ_GyVrbDHOQtKf27bpOw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3679 3 KB
1 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:36:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3679 20 KB
9 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3679 204 KB
65 KB 90ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3679 36 KB
15 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14809
x-xss-protection: 0
server: cafe
etag: 6453211018870451496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:03:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

79ms
78ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
expires: Sun, 07 Jan 2024 16:26:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3679 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdebe90d69cdbe16baf4d0b32e4715cffea4abe542d98049e4d454a6bca5d546

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CB29 5 KB
2 KB 15ms
14ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9f464313260274ebb7705b76630ea33e5c5c5b685d44c0979b20e1a7264d07a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-S9ZaiGa6krFDblAJ-AwXhQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3679
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CMz3grtCaZbzrHJ_cs8IPv5aRoAWA_MaRdYmBhZv2DoiQlJhDEAEg3eukKmCV4pCCoAegAZju6qEDyAECqQITD9A53FuyPqgDAcgDyQSqBMICT9ByXeIdifzeU1Ca-2DeRCRvKByY4WprVUv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22121908502045368891%22,%22debug_reporting%22:true,%22destination%22:%22https://detomaso-watches.com%22,%22event_report_wind...

0
0

57ms
42ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22121908502045368891%22,%22debug_reporting%22:true,%22destination%22:%22https://detomaso-watches.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22876263192%22],%2222%22:[%22true%22],%224%22:[%2201-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217515720148045224017%22}&andc=true

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"121908502045368891","debug_reporting":true,"destination":"https://detomaso-watches.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["876263192"],"22":["true"],"4":["01-07"],"6":["true"]},"priority":"500","source_event_id":"17515720148045224017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 16:26:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 07 Jan 2024 16:26:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"121908502045368891","debug_reporting":true,"destination":"https://detomaso-watches.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["876263192"],"22":["true"],"4":["01-07"],"6":["true"]},"priority":"500","source_event_id":"17515720148045224017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DC5 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 13:49:16 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
41ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 07 Jan 2024 16:26:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame C1A6 9 KB
4 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 01:04:19 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame C1A6 11 KB
5 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 17:33:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C1A6 14 KB
2 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 14:37:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C1A6 2 KB
822 B 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame C1A6 23 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C1A6 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:22:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C1A6 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1A6 204 KB
64 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame C1A6 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 161 KB
55 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

396d1a2496877a742319606833563379e33598377a28e1e12b733dc6ab6608e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56259
x-xss-protection: 0
server: cafe
etag: 9616344031703032809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B97B 430 B
228 B 648ms
647ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&adk=3282774983&adf=1030347576&pi=t.aa~a.182839455~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1704644783&rafmt=1&to=qs&pwprc=8259955455&format=360x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644783333&bpp=1&bdt=1502&idt=-M&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd2e0dfd6a6cdfebf%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MbOfvMqEcLGTK-ypDnmvCgT7g8yDw&gpic=UID%3D00000d3c14206b48%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MaBre1u3CCraNCp0jhatqPLVOCxwA&prev_fmts=0x0%2C730x280%2C730x280&nras=2&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1589&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&psts=AOrYGsnoeakJG0zb9d9LhXqxo6xwoiwgyKdoAEczrXNaZ5-mfh4rce5JapqdbwRg_RaUeBGEDIzRJHRBooT2zYbp4Bh-tQ&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

261fdb080a004a1f5476ea57832cc7437b736654c88e66d00f6bf25fad04dd12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C615 430 B
228 B 981ms
980ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&adk=207852320&adf=1197070778&pi=t.aa~a.2379756499~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1704644783&rafmt=1&to=qs&pwprc=8259955455&format=360x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644783333&bpp=1&bdt=1502&idt=0&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd2e0dfd6a6cdfebf%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MbOfvMqEcLGTK-ypDnmvCgT7g8yDw&gpic=UID%3D00000d3c14206b48%3AT%3D1704644782%3ART%3D1704644782%3AS%3DALNI_MaBre1u3CCraNCp0jhatqPLVOCxwA&prev_fmts=0x0%2C730x280%2C730x280%2C360x280&nras=3&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1252&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&psts=AOrYGsnoeakJG0zb9d9LhXqxo6xwoiwgyKdoAEczrXNaZ5-mfh4rce5JapqdbwRg_RaUeBGEDIzRJHRBooT2zYbp4Bh-tQ&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1e2c12745619ab0265c110630ba8d1166770c407b17c57e3b6256b4c287930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82C7 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 15:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C1A6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6545b57a8cb45974e0308b92fd36a9666ddbce95e267b99273130020502da91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
expires: Sun, 07 Jan 2024 16:26:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame FF0E 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 23:50:17 GMT
etag: 9219409622527106327
expires: Sat, 20 Jan 2024 23:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame D00C 9 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 23:50:17 GMT
etag: 9219409622527106327
expires: Sat, 20 Jan 2024 23:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame FF0E 4 KB
745 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 14:45:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FF0E 205 B
229 B 7ms
6ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:28 GMT
x-content-type-options: nosniff
age: 237955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Jan 2025 22:20:28 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FF0E 604 B
628 B 8ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:26:16 GMT
x-content-type-options: nosniff
age: 237607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Jan 2025 22:26:16 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame FF0E 16 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:36:58 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame FF0E 22 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:50:18 GMT

GET
H3 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame D00C 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 01:04:19 GMT

GET
H3 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame D00C 11 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 17:33:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D00C 14 KB
1 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 14:42:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D00C 2 KB
822 B 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame D00C 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D00C 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:22:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D00C 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:12:40 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D00C 204 KB
64 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame D00C 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C1A6 33 KB
34 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 476708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C1A6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoEoBrtCaZd7YHPers8IP0rKg8A3_zrX_ct6Ry5qiEvK8goHABRABIN3rpCpgleKQgqAHoAG8ob2lAsgBAakCEw_QOdxbsj6oAwHIA8sEqgTWAk_Qyx0MwMwgeMGm3zIywA0xmvqFQf3pQzb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227588421591831755984%22,%22debug_reporting%22:true,%22destination%22:%22https://1905zinospalace.com%22,%22event_report_wind...

0
0

42ms
42ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227588421591831755984%22,%22debug_reporting%22:true,%22destination%22:%22https://1905zinospalace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22615469244%22],%2222%22:[%22true%22],%224%22:[%2201-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213899833479151371729%22}&andc=true

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7588421591831755984","debug_reporting":true,"destination":"https://1905zinospalace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["615469244"],"22":["true"],"4":["01-07"],"6":["true"]},"priority":"500","source_event_id":"13899833479151371729"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 16:26:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 07 Jan 2024 16:26:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7588421591831755984","debug_reporting":true,"destination":"https://1905zinospalace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["615469244"],"22":["true"],"4":["01-07"],"6":["true"]},"priority":"500","source_event_id":"13899833479151371729"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 07D5 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4637775374382699&output=html&h=280&slotname=3351301778&adk=1023056894&adf=1723785077&pi=t.ma~as.3351301778&w=730&fwrn=4&fwrnh=100&lmt=1704644782&rafmt=1&format=730x280&url=https%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704644782079&bpp=1&bdt=248&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7086655669164&frm=20&pv=1&ga_vid=1545642016.1704644782&ga_sid=1704644782&ga_hid=302653945&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C44798934&oid=2&pvsid=3542156557584187&tmod=301197741&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 13:49:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 428F 2 KB
480 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 14:45:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 428F 2 KB
822 B 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 428F 23 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:37:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 428F 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:22:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 428F 20 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:12:40 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 428F 204 KB
64 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:26:23 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 428F 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B22B 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 15:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D00C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0322af843c797aaee963600b3a92a512678ff84c9ed14771b91e117b090f731

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 07 Jan 2024 16:26:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B22B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
expires: Sun, 07 Jan 2024 16:26:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D00C 33 KB
33 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 476708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D00C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWMkNrtCaZZ2zHbrx7OsPpJuHkA7uh56vcI_jndGJCcCNtwEQASDd66QqYJXikIKgB6ABuen4hwPIAQGoAwHIA8MEqgTVAk_QYnroYzc6zcn5bTed24ftubWqQ3GRFlCw-cPTNl__6ptYXas...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223487285709741259223%22,%22debug_reporting%22:true,%22destination%22:%22https://uprisetravel.com%22,%22event_report_window%...

0
0

42ms
41ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223487285709741259223%22,%22debug_reporting%22:true,%22destination%22:%22https://uprisetravel.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22821966009%22],%2222%22:[%22true%22],%224%22:[%2201-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227839100517795986801%22}&andc=true

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3487285709741259223","debug_reporting":true,"destination":"https://uprisetravel.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["821966009"],"22":["true"],"4":["01-07"],"6":["true"]},"priority":"500","source_event_id":"7839100517795986801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 16:26:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 07 Jan 2024 16:26:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3487285709741259223","debug_reporting":true,"destination":"https://uprisetravel.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["821966009"],"22":["true"],"4":["01-07"],"6":["true"]},"priority":"500","source_event_id":"7839100517795986801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 04A0 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: androidfly.com
URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 13:49:16 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E22 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 13:49:16 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 07 Jan 2024 16:26:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1A6 42 B
174 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvws6h0Cd7DVRhXPhTICcsnLvJTI4EzFiguYTGmhSW6KT1XetHm-oCGIGe3wIfqHjN0fpJbzhaVabqFdlxMZ0yZd4C_i_dwTI8UOR4UcFulwqo2NIDM-S6oFyqlBZydryHMWtkPWDzRaGGm7ooIO_U5J_bM&sai=AMfl-YQ6FcE2EyGUY-12fKKB2lmmdiEFGmf0LWrHsob1TE8AqJEcC15dTvgIa9TGT-ugmCToUjhsTzlfIwhaigmiPtuyRQXEhanvWwqeNVBWtfwIfbBR0k68Mv4OGBcVLVh72x_ydp9Yc2PlrKInRDNhIA&sig=Cg0ArKJSzJvVjFEC3r1lEAE&cid=CAQSTwAvHhf_CRk0-346C1IBZ_rgVziUqLdEn-19pTGw4f71euP_Ph3YQZqZ90j6s_i10kQAnEOi8JsKuN6JArH1tb8NxQGawoNShvPbOVIzPBsYAQ&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1023056894&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704644782287&rpt=1218&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 16:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D00C 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0vIm-kMmkXfscKpVlCK9pvHEcSia9d-6uYRGycItgbuYid85oa47EcFg7BQkPhoV8HBy33hkR-s6XFVyKG2ZUnDHBvFqMzlMtorHjpsZralxRSQUmjEH5m0S4Fp69-9V_ELAl7A_4y0019d4jcqtSRUjg&sai=AMfl-YQrAf4lWPaVfHU5pWKLTlvNJYevbkC_Tl-BANaerfRn7x_vWjkzFzP4L8tYBXEN8GaPhNqDoM7CYMN909LIBCJgD-2cIt4QzDwivajlxPUyXr9ebuNgs9-aPlCjY2vrpAiN75X70-IIGBC-LMkQcA&sig=Cg0ArKJSzB9ex6OJ3YuDEAE&cid=CAQSTwAvHhf_bjX0eJLZBxpngeqWVdemlredYGY-piFEt1QMuE6b_NzEg-GyoCc-Wrze_o6BMK1_ECDaaWChWgC4_r5YkBtsC1p0m7uK2p_Ym0gYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1108,1139&tos=83,683,234,108,31&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704644783412&rpt=254&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 16:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.11/plugins/ Frame B809 0
118 B 59ms
37ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/like.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c94fb86c551c8%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&href=http%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&layout=button_count&locale=vi_VN&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=ab88ab1c3c5ab63856a370d4a07e22cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 07 Jan 2024 16:26:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: CFoQtdIM4NyUSwInvEXQIYjHPfZHurTBzlSxWsuF1n5SxsW6PIdsurQfeZJDhRWqojnHHEIeu8k3krKOIR0Yew==
x-xss-protection: 0

GET
H2 200 share_button.php Show response
www.facebook.com/v2.11/plugins/ Frame 1C43 39 KB
13 KB 210ms
190ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/share_button.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df391f5f593d5704%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&href=http%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&layout=button_count&locale=vi_VN&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=ab88ab1c3c5ab63856a370d4a07e22cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1fbf926c6721692446223cd354f9e490a9ff2073c6bb57df4c74360ce3db4da

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: K44+Zje6XwuLl23S5B2sMwZSBVrIwPb+lONRfWeG1D45pjJ07yYpFisi6gSihX31541SpLJ0zIxyD5oxZ4673A==
x-xss-protection: 0

GET
H2 200 comments.php
www.facebook.com/v2.11/plugins/ Frame 0112 0
0 54ms
37ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/comments.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c300cd3057b5%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fandroidfly.com%2F%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&locale=vi_VN&numposts=5&sdk=joey&version=v2.11&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=ab88ab1c3c5ab63856a370d4a07e22cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 07 Jan 2024 16:26:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: jRYO0EJTvKln+ZY4lQgbJPD/C4a6Q05iMz0CrLxVrxVDAm0ST6xbwuHoPCKZOLZmLIud7c4WZQARa37e4fagOQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cea7764731c9ff35e08f1921cd0062cbcdf02defd44198821b8c28ed4c1f55e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12188
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:26:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CD2 13 KB
5 KB 9ms
9ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 15:59:51 GMT
expires: Mon, 06 Jan 2025 15:59:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1A4 829 B
559 B 17ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e32c6d92d3457f6cec6b875a1d7ae32821ccec399e128a88db50cfbd236437d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZYUi0C207waSQkA28KSYug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://androidfly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZYUi0C207waSQkA28KSYug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 16:26:25 GMT
expires: Sun, 07 Jan 2024 16:26:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1A4 0
0 42ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=3542156557584187&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CD2 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 15:36:46 GMT

GET
H2 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 1C43 272 B
665 B 14ms
7ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.11/plugins/share_button.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df391f5f593d5704%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&href=http%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&layout=button_count&locale=vi_VN&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sun, 07 Jan 2024 16:26:25 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 272
reporting-endpoints
x-fb-debug: VqhujTEHj7gQ8re5952xxK4JXhb/f4PGVJQo2rEB1wCk74JEE33LFhLN0U2jz3tH/pLTCXrNyaFDez9HChxuGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 26 Dec 2024 05:50:58 GMT

GET
H2 200 PFHD3KeL3JS.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSa94/yE/l/vi_VN/ Frame 1C43 527 KB
136 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yE/l/vi_VN/PFHD3KeL3JS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f40771e3ca7532a6eb97ad04ca684c553a8c27a7fd120f89c23d6a00b6c9f8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sun, 07 Jan 2024 16:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DVouEoqER2jrwGh+1UZ93g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139238
reporting-endpoints
x-fb-debug: pHCvYr8DxDXPuZ6x7sNyUnanhU/93e3/IQ9/T/gSkBKA82oBnC6URciQayeLnI40QlLGKqZBUhCb99255rCsWw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 01 Jan 2025 22:29:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1CD2 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?48XDvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:26:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=3542156557584187&bg=!FxSlFFvNAAY3kmNgF5I7ADQBe5WfODanHE3QSf1AuOqY3qLLpcKpxpB-8UbgK_1jl3N4gFrL-B9JHn4a2qRzGvyny_NYAgAAAEpSAAAAAWgBBwoAT7T7c6NSpOJfo1eLO98yH85vnHfZ7fyWZoW1PyPriuRH98q312XNPwXCFVrBx7Kri04WZKg4bD9drtIab3lR-L2ySZFviwZe0FfeEhUhV9eZAq3Cj5_sYMCis63Ei19I3ySf_E5rRTuDQ7NSArBzCIi7t8bq4NXdDk8LShuRpAA4vrG1lF3d_TBpHvtVBbaou9E59Mf59KEmkFFydD3D_DsBQfbXHwNifyCnT0fkwRru7yBCmEwkbnjmqM58S3w32P9T3ozkGrwZ_IzXSpnAPKUfoYlLVgKyQUiwFGPjz4-zGAUek7F81tAOjD1mcsiuvHePwEpbLWPQVIsERAI1vLA-R7cAu43LLma2h20uIa0GT_4TIynT80dDgVdRc1JlLOf9xn_AIITINtiCW3ZUen52pF2WFU0VWLxPnT02wpnDXqrgGgLIcG_lD6L-YgTuKA4iGXbtIDy2VHq0mNBI7PA4dQWsTZYPEUCYGUCBO8vUDYSnEum3b-0sFP29YyY-xo1jgRFSnyNhL5qW-dRWzz7lf5NfDd-6ooqYfMEtZW08fOxS4yEYpY0xW4WLxPEkQuy0Qn99A9T5yUP19y8Zr8SNw9DoWVGpvbnyiZAws26P_NMMNc-cH8e4QV1pR0IPML4pcnbEjOyRiVKjYkF9arsj7grgc97B5uNjUCwuIX82MMQkly0tJmAYoWT8vc2UlFEBOhUrBPDE314fATBjBdJtpaeMGIgmpUiM9dzHSdCQSmVdUe3XjuoB39gzNXcTuIvxX_MyIemCAe8HtfSPg0P7I_ZP9tNXJSyx_zt_WpBM9Fsh14HW6TgCD3DjEWM-BodxGkhYcmzBGdj5_wubI_vGuCXcjhEHXlO6KUnEOEO4fuEn4oHeEaUgQ6q6tArGZqhmuXWI7rzOXGuUKR8jlC_6dFjisg29shL3JBO_f7J_fjjGFHitHEmZJZu-zBhowgHFiBwv8FI1GY_Lx0aoBdfVFFLSSImegL1UBK1P3viSiVUoVtfxpmVFG9Cy87PJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
androidfly.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0pg1jq8ekg7grh7he1e4fg4fn7
.pexels.com/	1970-01-20 17:30:46	Name: __cf_bm Value: eTgNwr3qa60cnWmB.i3St8rah14dmRHaftrbpHuZ984-1704644781-1-ASOlVLGzlKrYOxRQdNIv83uebjylotgGTX1L8zlc34MU8hHyWjCrXsy4d8ZMbifc6ANL63HPRaxmLc4Gk1cDtrc=
.travelbabbo.com/	1970-01-20 17:30:46	Name: __cf_bm Value: yDQvOd02bu4Odvm_texORnePENcd5eVCJz0bENGFugY-1704644781-1-ATfbgkAaikfsRiNeT5x+6tvfwSRjtff6lyHVtOoYDQsxQs3nixVgwwu4As7Yrk5xi+s2UmghIn/eR3Z8w8tnTOo=
.androidfly.com/	1970-01-21 03:06:44	Name: _ga_R47QC7DB6V Value: GS1.1.1704644781.1.0.1704644781.0.0.0
.androidfly.com/	1970-01-21 03:06:44	Name: _ga Value: GA1.1.1545642016.1704644782
.androidfly.com/	1970-01-21 02:52:20	Name: __gads Value: ID=d2e0dfd6a6cdfebf:T=1704644782:RT=1704644782:S=ALNI_MbOfvMqEcLGTK-ypDnmvCgT7g8yDw
.androidfly.com/	1970-01-21 02:52:20	Name: __gpi Value: UID=00000d3c14206b48:T=1704644782:RT=1704644782:S=ALNI_MaBre1u3CCraNCp0jhatqPLVOCxwA
.doubleclick.net/	1970-01-20 17:30:48	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:52:20	Name: IDE Value: AHWqTUmFbLYKcdPtuoMS0Jw_mCzW_ckOEREm7AbMVfjwkI3kpRZkGpTsBsaWmCOpTGs
.doubleclick.net/	1970-01-20 17:30:45	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 19:40:20	Name: ar_debug Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html Message: Mixed Content: The page at 'https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html' was loaded over HTTPS, but requested an insecure element 'http://tourdulichhalonggiare.com/wp-content/uploads/2020/04/Bai-Bien-ha-long.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html Message: Mixed Content: The page at 'https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html' was loaded over HTTPS, but requested an insecure element 'http://www.globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html(Line 705) Message: Mixed Content: The page at 'https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html' was loaded over HTTPS, but requested an insecure element 'http://tourdulichhalonggiare.com/wp-content/uploads/2020/04/Bai-Bien-ha-long.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html(Line 1282) Message: Mixed Content: The page at 'https://androidfly.com/vietnam/title-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html' was loaded over HTTPS, but requested an insecure element 'http://www.globalgrasshopper.com/wp-content/uploads/2010/05/Attuya.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://www.facebook.com/v2.11/plugins/share_button.php?app_id=308966749604846&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df391f5f593d5704%26domain%3Dandroidfly.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fandroidfly.com%252Ff12dc43a5fb9244%26relation%3Dparent.parent&container_width=750&href=http%3A%2F%2Fandroidfly.com%2Fvietnam%2Ftitle-exploring-the-enchanting-beauty-of-bai-chay-ha-long-a-traveler-s-paradise-139.html&layout=button_count&locale=vi_VN&sdk=joey Message: The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://www.facebook.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yE/l/vi_VN/PFHD3KeL3JS.js?_nc_x=Ij3Wp8lg5Kz(Line 438) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

androidfly.com
angkorfocus.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
globalgrasshopper.com
googleads.g.doubleclick.net
homeiswhereyourbagis.com
image.arrivalguides.com
images.pexels.com
img.theculturetrip.com
media-cdn.tripadvisor.com
northindiatourism.com
p4-bxjwhhrlct2ya-rirgzwy2edyxkvye-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
sifetbabo.com
static.xx.fbcdn.net
tourdulichhalonggiare.com
touristjourney.com
tpc.googlesyndication.com
travelbabbo.com
www.facebook.com
www.globalgrasshopper.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.indochinatravelpackages.com
www.travelinsured.co.uk
103.101.163.236
103.212.121.91
141.193.213.11
142.250.184.227
142.250.186.130
144.202.89.196
151.101.66.38
2001:4860:4802:32::36
209.59.169.245
2600:9000:225b:5400:1:f545:d900:93a1
2600:9000:269b:d600:a:2e9c:6840:93a1
2606:4700:3030::6815:47cb
2606:4700:3030::ac43:8a88
2606:4700:3035::6815:3899
2606:4700::6810:ea0a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d014:776:a63e:931e:6ac2:944b:f27e
2a06:98c1:3121::3
51.79.228.46
52.212.20.240
013d958045ceb7dd26a259de01b1016ee47b9fbc8e884c56b7ed9573ac042c14
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
02868d6a7e80d4e7836b6263dd50d26a63e923a1223c9e027aad6dc2501c27cc
0bea81766fd646e0840f2855f8dcb5e9e61b1ab502923513cde89dfb6a456b44
0e32c6d92d3457f6cec6b875a1d7ae32821ccec399e128a88db50cfbd236437d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1173cab76c151842c2500cdad0794dc333b06afa486941b23656b58c045fcfd6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a6a957f0f98db4f975cd20c340d4ffc080d5b0f09f23fab2a8f0e4f372a6bc9
23f8d893cf04d599f581087623ac1f1a21f346817f177da41b184a480da3ca53
261fdb080a004a1f5476ea57832cc7437b736654c88e66d00f6bf25fad04dd12
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
286450fd86f5586c8880a42ed803326da595f169bf305c09235ce596e5990e2b
29287bc9a0656f3896c331347c557f71e42a7b7d40eaee1d67041c566f46d6fc
29ea8f5397b5d2dc5e0524f24c68130d0fa926d87df7ed18632e7845d643719f
2c9245c0246a9c745793c7eaa9cc1fc964a12570009031ea0223115bec6e9426
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
396d1a2496877a742319606833563379e33598377a28e1e12b733dc6ab6608e0
3aa60f55d0e1e9e9a21c74fb338db50d8befccd2e6b95621cd342abc88749d59
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50883536282ad464f54d3b42d09e7df63b1f13f886d58811af83f81055ceb225
50bd0f708512076e7d0fb769280d25c40b21fb7e418aa59fb1950d7a6e3547bf
558077985dce606f1f70ca06a419a12e7553de48497d3d6b593b6d7efe593667
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d77c8ca1ef7313363b200848555760678e8e85cf356248f5c67180212022c5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cd5e9727bb6efe4b3c8e14f7bcd707bc47ca5f9f143f5c75270e642716de07c
6007b2a39424fc3418bf30ffb01ebe6ba9974acd5e5582b8a5a98d9ae621fc36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621341a96156c4446e0c5d1e09d665dbbffe014a541d66766acf7f5ea65a33d4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67352a9258fb5621269f16f8a7f1d7da0ffbdfbee3790752f6a2fdd8c3de9825
69e15fcb6bd7600dab7700e5e6941d7b28b59abad78d57b2e7b820a929513ef7
6aff31ea304b7bc3012737681c0ac2a83f8b0712c6d901ba8572e8b1d862aade
6b7cdab5aad34832dbfe90f95a7382ac78d908c69db19a4af7f5e477928c2999
6d51797fdb7fec8a16a8779b7491eadbe3a7bb2f93d4ba82524ec4c24c7817b2
74b6321b8ac516cf94a7dac1d525969572f08bb23947205b8ab1f2804234127c
765ea96d5d11be769cf8364b3df56f5dd920b421d75155dab6d5d838a9ced529
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7a565302a3a3f3aa7b77d849fe10429f56f745ed32e62d04646127a134607b88
7d08bb9cc9ffedbd8d43b9ac65932e5f6b45c5df12a561887c87119a86f55171
7f81e62d2930815d56b52bcd66e8591698d5bc7d2331c952dff5d789bf38775f
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
81a2182cdbd48668fe27cbaf5c1bcb8ff1636799c02a9ab86042c364868dca41
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9f464313260274ebb7705b76630ea33e5c5c5b685d44c0979b20e1a7264d07a3
a0322af843c797aaee963600b3a92a512678ff84c9ed14771b91e117b090f731
a0d1f1a280871e7e80f10bd671248ff3ec035c48382919092297736d5d0bb9ab
a1fbf926c6721692446223cd354f9e490a9ff2073c6bb57df4c74360ce3db4da
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a462da7bd355856fd2b98cef1e3b57e43743a4b8e9fac3d8136b8fcdd862da17
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1f89522c0127658cc61f55f4d009ae529c0b03bbec3ba0e1d4c6e9768afb67d
b2806f206b2660cc644bc15ef42e131015cf0ea786b81a06195083374d7d60ab
b6545b57a8cb45974e0308b92fd36a9666ddbce95e267b99273130020502da91
b8f9015b4e76948492f6cfe69a66206678474065d0ba791ad3b6966c63060436
ba15d398154c0ebee11afa06206c1be1b8a38da758c23e6b4d964d34b4cc99be
bbbb44b73eb4c11f052ca3d8b9935c80b5b37eca165048c402c5413d126b93df
bdebe90d69cdbe16baf4d0b32e4715cffea4abe542d98049e4d454a6bca5d546
cea7764731c9ff35e08f1921cd0062cbcdf02defd44198821b8c28ed4c1f55e8
d164a71e13ac98acf5e89d5641152835322b4e784a7e0e9dd1c4cbba3724d0a5
d84768c516f12a49da48f88cf42d278d188c3f79df4f3b52e21dba576ff54049
dda99e87ecde9a2aa99339bf08a9834a4d4bd3f0269e901cbce18034fde23455
e3aaf9fc29938e4721f3800ba5c6f4abeacf1401acd5b8c24950f8c69b2d150d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e452e7702bc8e601dc3607cd3286aa1b06f6dacc9fce76148bd4677dc3746ccc
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb3306811c84bc0f4404d77a5e0e663ae91c910d0154cd54bfb56c6129656bfc
ec1e2c12745619ab0265c110630ba8d1166770c407b17c57e3b6256b4c287930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcdbfda7a4486e760baf34c66f031a186c0c569833e3af457e8694a273d12ad
f107d3ffba0b9ba6cfe2d40e6700723c3b6ac18c5dd799b5dda7aa71eb13fd66
f2b6422a1abd73d3b9a39e2275f2b214a56f46f65f9c50dc3d417ba399620d33
f40771e3ca7532a6eb97ad04ca684c553a8c27a7fd120f89c23d6a00b6c9f8fb
f58a1be0f1c0b9d1eced192f063e5f373de62b956c312a6dbd77ac7cb45432bb
fea414456bef6c71f28e47040668585f17f07bf5ab76c9511a14317422e46514
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

androidfly.com Open in urlscan Pro 2606:4700:3030::6815:47cb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

96 %HTTPS

67 %IPv6

27 Domains

31 Subdomains

30 IPs

6 Countries

4989 kBTransfer

8365 kBSize

11 Cookies

0 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

androidfly.com Open in urlscan Pro
2606:4700:3030::6815:47cb Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

96 %
HTTPS

67 %
IPv6

27
Domains

31
Subdomains

30
IPs

6
Countries

4989 kB
Transfer

8365 kB
Size

11
Cookies

127 HTTP transactions
2 data transactions