dualeotruyenkq.com Open in urlscan Pro
2606:4700:3033::6815:3ecd  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

• https://t7cp4fldl.com/sn/pr/2020620?zoneid=2020620&jp=_clkj3ssg5gb3f44ahb0m5y&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=7430613979675648&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&freq=0&uf=0 HTTP 302
• https://coosync.com/sn/c?zoneid=2020620&freq=0&srp=13Rl_dOyY88Ulx3dNhfTmZyHdXLkbdfOVIPhUNWjbrpDPnu3gHvxj5L33tqPzBNK8qdQYhg0D--3DOX373nZ2kmt9cWFUmy3uSGNwQoo9Fo= HTTP 302
• https://t7cp4fldl.com/sn/ps/2020620?freq=0&puid=0&so=1

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dualeotruyenkq.com/	104 KB 19 KB	766ms 704ms	Document text/html	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 3f4dc6c1d2f3fa0e4ea0df8831f25d6f956eb9022dbcce4413cbc361d8f8a534 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 873c7098bd6819b3-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 13 Apr 2024 15:20:23 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWr1HPAigfk5Rk%2BSuqHj8cxDi0AzdmRMlNjx7DnBxHqkSoZ42TTgcvBaqU0vHbvXp6fr63RUrLlVtpAa277Qp5aij0oJ3QwyEiVcDOQBvcs4CEn%2FnvnTPLnAPiBL3DSbhCzISqVEEuKjJt0ktVjcKBM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.30 x-turbo-charged-by LiteSpeed
GET H2	200	css fonts.googleapis.com/	34 KB 3 KB	95ms 32ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 428529828465613d2abeff9b15be836d663f98f43d01f74e89d0c5fc4e17d393 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sat, 13 Apr 2024 15:20:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 13 Apr 2024 15:20:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 13 Apr 2024 15:20:23 GMT
GET H2	200	font-awesom.css dualeotruyenkq.com/skin/css/	37 KB 8 KB	69ms 66ms	Stylesheet text/css	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/skin/css/font-awesom.css Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d16c6f0b6f959c7dcde9ac4a80a0112b1760134f7ff1bdc0112bb803858703b1 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4248 alt-svc h3=":443"; ma=86400 last-modified Sat, 24 Feb 2024 16:42:28 GMT server cloudflare etag W/"922a-65da1c74-5005ace;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAm2MazFhn5L28jIKzeCAL6xXeVyKZCdE9HJb57%2F6hnrx%2FeU%2FlSsNXj9IfmlWO2HKG5eXkk5ZjXftX476GXWMNOq36axc5fw1%2Fl6Fj5JRwuUOeYhgBwVAyGmZnSAT09xJzYRI3DNNzRnY1ZDF6OXm4s%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ace19b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	codechuan-icon.css dualeotruyenkq.com/skin/css/	8 KB 2 KB	40ms 38ms	Stylesheet text/css	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/skin/css/codechuan-icon.css Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed9a15202fc5e69be922fb9ee4b8fdd7a566ff236a8488566d12da8fcd8d593e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4248 alt-svc h3=":443"; ma=86400 last-modified Sat, 12 Feb 2022 10:57:20 GMT server cloudflare etag W/"200f-62079290-5005acd;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFTYBszui%2Fl1S7z0yqLNoEtYBYA8ElSACuJ8uxqhjwtIK1O2S8xq6WKVlw4UHHKCYgoYL0oH7%2Bk7UwjTvi79pG6qwf43%2FcGyJjBiUprgKANrbvYCCrQ6AvTfFC0csJO9E%2ByEi17h0HyRXB5d9IZH9WA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ad319b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	icofont.min.css dualeotruyenkq.com/fonts/icofont/icofont/	90 KB 16 KB	68ms 66ms	Stylesheet text/css	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/fonts/icofont/icofont/icofont.min.css Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4248 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:29:50 GMT server cloudflare etag W/"16830-615c372e-12000f52;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKFIpdWsqpyLPw30VtfzuoXcHgffxftBkP66d6duH%2FN8UrrXYGptXbrh5lkRScK2sdxKnFKW7UXywdIkGAErp1eg3cXxMK4i27cdZDCxhqTAMeeij6MMy43SVO07sOBqkGirG7von3L0AK0ki3kYZg0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ad419b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	icomoon.min.css dualeotruyenkq.com/skin/css/	55 KB 9 KB	37ms 35ms	Stylesheet text/css	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/skin/css/icomoon.min.css Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ff1a3c3121277660e3bbeae5a0f8762d249eda6f8acb41ff4252ff877157d65 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4247 alt-svc h3=":443"; ma=86400 last-modified Sat, 12 Feb 2022 10:57:20 GMT server cloudflare etag W/"dd4c-62079290-5005acf;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvNYkzBt8MbbBI5CCVpP%2Fvj5Or4c%2FuUCvLkUhes21YcKMwAFObB372Nhwtbpd5%2FTmhBvIAv5SUMCguhMSqJkhbXsVLNRGpjLu4DScSCU%2FcWuRnoZyQcfhsazJSbaXMRZOyKBDvQ2tn19%2BQkkW6DiNB8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ad719b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	swiper.min.css dualeotruyenkq.com/swiper/	13 KB 4 KB	38ms 36ms	Stylesheet text/css	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/swiper/swiper.min.css Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4247 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:40:40 GMT server cloudflare etag W/"356d-615c39b8-840166b;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B5wSqenzRcyboUNXJQZ443wI3U1Sr%2BjJqy2O85ps3TsI3XNwoHISamm12emmmE%2FnTna%2Bqad%2BADxFNAWiRT1YwcRY5GqEt%2B3lLzTV4w1pr58%2B9DEiS3DH5V2wIaNV0njSCFXseuzCCzQiNg4XSkstmo0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ad919b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	style.css dualeotruyenkq.com/skin/css/	198 KB 15 KB	742ms 740ms	Stylesheet text/css	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/skin/css/style.css?t=1713021623 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f545e19cb7dc952380d727ddd38882e25081a101e2f86572650c459f787f5b00 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status MISS last-modified Tue, 05 Mar 2024 04:33:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"31767-65e6a098-5005ad0;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgTOX0hBwoaJtxqmM3HTmKFdtMg%2BFTeZYLHmzYPvQDwpBnnikKCC3P33Ypic2sd3in5eESxQ5CumM6tbXiH9DC6krxB2Od8TdlaxHzXHUfRxhIbmnGsrwRcrA%2BLEC3nZ8mtYZ%2BjgrqXGOxU5kSv5O0U%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ada19b3-FRA alt-svc h3=":443"; ma=86400 expires Sat, 20 Apr 2024 15:20:24 GMT
GET H2	200	jquery-3.2.1.min.js Show response dualeotruyenkq.com/js/	85 KB 31 KB	64ms 62ms	Script application/x-javascript	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/jquery-3.2.1.min.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4246 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:28:24 GMT server cloudflare etag W/"15283-615c36d8-3400418;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHt0B21aIGGMj7Q24bNM4M8tWUK4udp%2Fc0KWBHTN9B3NRC1%2Fkobw1DfFfUWNuIBZaQsefZoUj3RoWN%2FGL2TrRtjw78GZezRW1WTQQaE%2FFpr795M7Ydw4tAu7hm5t2i8MzStmA1pDkpUyQe3pflPuIk4%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3adc19b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H3	200	jquery.cookie.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/	1 KB 1 KB	63ms 36ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 155167 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 591 last-modified Mon, 04 May 2020 16:11:45 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec1-514" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWKvwOFmeKMOlPj3lqutlWFXELp2g1P00OwaKwi9e6W1n3S7c33hVXufBJhfcuAmgP%2BE%2B5z44KY1sxwLZk4CP8mqe7ffHRcgwk1r2Z%2FifX8y4sIbuRrlg1rQzA0wOyeXgEKau%2FDl"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 873c709d5fe93617-FRA expires Thu, 03 Apr 2025 15:20:23 GMT
GET H2	200	lazy.js Show response dualeotruyenkq.com/js/	8 KB 4 KB	40ms 39ms	Script application/x-javascript	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/lazy.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 678d8939722a3a477adf146780b32650e7ef13b2be47f278918349dfa1239b40 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4245 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:28:22 GMT server cloudflare etag W/"1ed3-615c36d6-3400440;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eO6%2BBnwZOll0G2NXsTzZTnEJrgn%2BgLzgIZP566H7JLt8aXky%2FUyPZSbSn%2B5cguIYeHMtL83BcXzvESGmsKunSxA05FtXCjZOoRkgCuBm77NENMP6W5fmTh4o3mAa34Ou9lxY6LGMdJPCE7SHMRLtqQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ade19b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	socket.io.js Show response dualeotruyenkq.com/js/	60 KB 19 KB	42ms 41ms	Script application/x-javascript	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/socket.io.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efb10a51082ecd975645974bdb9cc366574ba2b9ae3ca90319feff9a305a7ecf Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4245 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:28:22 GMT server cloudflare etag W/"eef4-615c36d6-3400447;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hX4Z9vrkFjDZcnaa8IBLy%2FvLkMObDT4YodY69kQZo8ecs6SEIqBOq%2Bs5Du0b2h%2BmbJ%2BeGJ%2BaT5kY1Em%2Bfa8l5VxtjsXA8mMkzypljZcuiP8XAgwZzKSf8plxr49J520bL%2BYJQ0wcHs6xA0T41jv3nOM%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709d3ae319b3-FRA expires Sat, 13 Apr 2024 11:01:29 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	289 KB 97 KB	89ms 41ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9GN0NB8WPK Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ef3a8c3c18d1e8d9ff1fca25ee2a80ed6510974fb44e700962ea9f8555f1f5bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99291 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 13 Apr 2024 15:20:24 GMT
GET H2	200	b909cbf9.js Show response ku42hjr2e.com/aas/r45d/vki/2020616/	103 KB 40 KB	128ms 58ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ku42hjr2e.com/aas/r45d/vki/2020616/b909cbf9.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 560ec2cf7930e339c1e2cc30057aa3f6281b5f37e3b2c95bdaa8210211e26308 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 13:20:20 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6613ef14-19e1e" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	dualeotruyen.png dualeotruyenkq.com/skin/css/images/	25 KB 25 KB	41ms 40ms	Image image/png	2606:4700:3033::6815:3ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dualeotruyenkq.com/skin/css/images/dualeotruyen.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d3e78e6b466e5a2e897712a9d01859b7a4c1dcfd5bd34e31ab6a8c16e44a734 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4245 alt-svc h3=":443"; ma=86400 content-length 25403 last-modified Sat, 12 Feb 2022 10:57:22 GMT server cloudflare etag "633b-62079292-5800496;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5u5ENm10m3aeXL76O9%2Fv%2FtUSUsB6Z%2FZcNCOr%2BJ5jAMQt9z7xvKaM4zi2DJCE87307qs3Q2hki3WLyfez%2F200yEqEbzNkob9jdRCtKiScN2VYUIarz6twQQiNZ1nVD4%2BBAUeDG53IbUWhp%2Bp0%2FF48%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c709d3ae519b3-FRA expires Sat, 13 Apr 2024 11:01:31 GMT
GET H2	200	code.js Show response t7cp4fldl.com/lv/esnk/2020621/	112 KB 43 KB	161ms 96ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://t7cp4fldl.com/lv/esnk/2020621/code.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 748f1c261646b9489aaa5b4bde44c0e06a7d2ca3321d92b673eaac4ef0c2ca26 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 13:20:20 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6613ef14-1c050" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	code.js Show response t7cp4fldl.com/lv/esnk/2020620/	112 KB 43 KB	123ms 58ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://t7cp4fldl.com/lv/esnk/2020620/code.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 18d40ac07747660d60431f537ca7baadc1ca83e0bdc48dda5b47ab46fe9fd1f5 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 13:20:20 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6613ef14-1c050" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H3	200	-1713019514.jpg img.imgdualeo.com/avata/	434 KB 434 KB	92ms 31ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/avata/-1713019514.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd031537bb53c0884aa4477ba161a90c7c83d6736588516c783c75fd2e9c4435 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:23 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1184 cf-polished origSize=444384 alt-svc h3=":443"; ma=86400 content-length 443971 cf-bgj imgq:100,h2pri last-modified Sat, 13 Apr 2024 14:45:14 GMT server cloudflare etag "6c7e0-661a9a7a-4d0574c;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nbka4VdIdBa2o7d3R01Z8%2FaCTb1ExFUGFhRUg79UT%2FRDlSLRO5QbJU3bAgIeArIdPteFNuZItB7T0b%2BrExL6a19jT9FvkdnertGU%2FX2gyJxNVR3eMc7cRt4%2BHiXA6PF2MtEu"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c709d9be61ac7-FRA expires Sat, 20 Apr 2024 14:45:44 GMT
GET H2	200	KKhjUS0m.jpg i.imgur.com/	21 KB 21 KB	121ms 38ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/KKhjUS0m.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 4805602728cf2993807868b41c7beb9cb7eeaa649502365e55844d8cfd57024e Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 514531 x-cache HIT, HIT content-length 21275 x-served-by cache-iad-kiad7000160-IAD, cache-fra-etou8220020-FRA last-modified Sun, 07 Apr 2024 16:24:52 GMT server cat factory 1.0 x-timer S1713021624.010354,VS0,VE2 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 3, 1
GET H2	200	ib95Xjkm.jpg i.imgur.com/	16 KB 16 KB	35ms 35ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/ib95Xjkm.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash bf2e5adc36166b9b90750c83322970dd551aa52347422c0de5b3a79bbdc9148d Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 2092948 x-cache HIT, HIT content-length 16046 x-served-by cache-iad-kiad7000082-IAD, cache-fra-etou8220020-FRA last-modified Wed, 20 Mar 2024 09:57:55 GMT server cat factory 1.0 x-timer S1713021624.056545,VS0,VE1 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 64, 1
GET H3	200	-1710765332.jpg img.imgdualeo.com/avata/	164 KB 165 KB	28ms 28ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/avata/-1710765332.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d227e476c69c745966686b152a005b0ae05a1e886691c2681dd79dffe8312938 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 145942 cf-polished origSize=171378 alt-svc h3=":443"; ma=86400 content-length 167876 cf-bgj imgq:100,h2pri last-modified Mon, 18 Mar 2024 12:35:32 GMT server cloudflare etag "29d72-65f83514-4c06b32;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyxKF8yc8MMy%2B2wVQnSyHn60Aa61cED3lc4ZfuvRQegiELp3E0FyCwzVJ5mwXapsHN%2BdkR3A%2FWBwwyjxRJjOtRP459v9qgvZue3VOyKr%2B2wD3OXPklq0fgVy9Ue4S16KyQsE"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a1f89b1ac7-FRA expires Tue, 09 Apr 2024 17:16:27 GMT
GET H3	200	-1712503959.jpg img.imgdualeo.com/avata/	60 KB 60 KB	295ms 295ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/avata/-1712503959.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2fac6081eee1fec8323602e1529c60bc9b58730eebf8d6db2bf50ca654b01e2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=61456 alt-svc h3=":443"; ma=86400 content-length 61086 cf-bgj imgq:100,h2pri last-modified Sun, 07 Apr 2024 15:32:39 GMT server cloudflare etag "f010-6612bc97-4ca944a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBM1iyXaxz5dARfdnEd1%2Fe3DgGVidclOSKMPANYofa7JRJ8qOF5Tp%2BFWfbu9Jj%2B221Tl72pbF9r0K0hMKWRbeXXRfMglophPUbYEMoTmnu8gcIoYX0i8EKUXfPjKvAtJiFns"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a1f89c1ac7-FRA expires Sat, 20 Apr 2024 12:02:20 GMT
GET H3	200	icon-stars.png dualeotruyenkq.com/skin/css/images/	3 KB 3 KB	57ms 56ms	Image image/png	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dualeotruyenkq.com/skin/css/images/icon-stars.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c195ac8f9823d33198a419c5f1c3e754ac14abc133298a99a2fd5a4133f095 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3590 alt-svc h3=":443"; ma=86400 content-length 2861 last-modified Sat, 12 Feb 2022 10:57:22 GMT server cloudflare etag "b2d-62079292-5800498;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIY5t9x015n9KGFwc2PXPCmeOC1zwqLH9RBREoTG2wWIuQJuZI5JZ9tqpn%2BWChVDT6W%2Fpi9mx7Lubc9BaxNY%2BfYEuce%2FGNi%2BOletBBwSgmIJbYsb%2BNX92EuF%2FaHi90xdVs79WTU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a1fe813738-FRA expires Sat, 13 Apr 2024 11:00:47 GMT
GET H3	200	prod_loading.gif dualeotruyenkq.com/images/	28 KB 28 KB	58ms 57ms	Image image/gif	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dualeotruyenkq.com/images/prod_loading.gif Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 345f083b478ad64d4344cfac51f742faeafda999f79922dde47f4d97bbc985f2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3590 alt-svc h3=":443"; ma=86400 content-length 28633 last-modified Tue, 05 Oct 2021 11:28:26 GMT server cloudflare etag "6fd9-615c36da-2c07c9e;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sl8aICtrvaO7dwHWpzVzSWLYksPnXGv5pjL2DQH7aZPv8ijDDod1AhS0G75z4ZwkoKJLPoboKtjtYZ9GVdFAzcq%2B8Oiidt5xdaZc3iXCCA9V7shmUG3sJdLNFUqVSsuQ7JpR%2Fos%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a1fe8a3738-FRA expires Sat, 13 Apr 2024 11:00:48 GMT
GET H3	200	email-decode.min.js Show response dualeotruyenkq.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	28ms 28ms	Script application/javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Apr 2024 17:26:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6610342c-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tW2P99FRVmeF7OhxGqQsfr8%2BCFzmLkMQmEt%2F1FHKsQp3yiA7vNEW3UGXTQ%2F3hj7TNFgrJrX9RKs0M0utB5ONhuy2bzlm7CEyN%2BXeXx4VAIs484HeQxosgvV12wSPvamDRxzAx6c%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 873c709f3b1d3738-FRA expires Mon, 15 Apr 2024 15:20:24 GMT
GET H3	200	jquery.countdown.js Show response dualeotruyenkq.com/js/	5 KB 2 KB	42ms 42ms	Script application/x-javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/jquery.countdown.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c9b578966da532a5e8b8610fd9eb8210096e0219a469d06f1ddd656b4ccde01 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 395 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:28:22 GMT server cloudflare etag W/"1220-615c36d6-340041b;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4STXEKTzlFEhgHyp1rQlhbz3sO3PnbvCEQY30tLHtnhPwXkbwPh2zMVYpKwtbDOu3JJPfDprKUD9T1Lw7pejrbBmHlcGUgWtPSw499Cg7EniPUAqc9qDGvK9ph9M4oUgnRBojpU%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709f3b1f3738-FRA expires Sat, 13 Apr 2024 10:59:17 GMT
GET H3	200	swiper.min.js Show response dualeotruyenkq.com/swiper/	138 KB 37 KB	34ms 34ms	Script application/x-javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/swiper/swiper.min.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5497 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:40:40 GMT server cloudflare etag W/"22681-615c39b8-840166c;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmrIopZaZ2XejerrjPH6cg1Zwj75aMGMYGab1MnzltlAO4qvA2MX75YoXSYty7%2Bmbd7LXrferY2iMT8AltTsF4WRYFLRZxYK7vWvjoMFsj99g%2BVHARNXon2tlJO4rdQ%2Fat5hSU8%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709f6b453738-FRA expires Sat, 13 Apr 2024 10:59:17 GMT
GET H3	200	jquery.priceformat.min.js Show response dualeotruyenkq.com/js/	3 KB 2 KB	64ms 64ms	Script application/x-javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/jquery.priceformat.min.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 114958cd6f5910a46d15c016977c7c967f9a67fdaa8f7d6e20749253537e9b36 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5497 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:28:22 GMT server cloudflare etag W/"c9f-615c36d6-340041e;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNyrZDyUXqpwL5uFr%2F8LQXxvRLT4jSuXxuMfNMkWmem5VscH8y4%2BLlwHJBJejQ2sAygWvZUB08KtDJcF2ViQDB8V8smvUIslNBHz%2FFrrUnR51QzQPsJqR%2FchA1%2B3IUYELCmdfCI%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709f7b5e3738-FRA expires Sat, 13 Apr 2024 10:59:17 GMT
GET H3	200	demo_price.js Show response dualeotruyenkq.com/js/	2 KB 1007 B	33ms 32ms	Script application/x-javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/demo_price.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e25556c03b6803eae2575044cb777f320506f16fbe8adbdc5fef866d82fe8094 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 394 alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Oct 2021 11:28:24 GMT server cloudflare etag W/"8ed-615c36d8-3400416;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7d3J0T1D3qC06ILKcesQNasU5%2B1F1RZUlkhTXTGQ6%2F8BiC6LyLtW6tiSFUgVvMmXzgM2gzPHIlftcknNHG9Tb1hMHuHIBdVQzdwph3BGKBlhwMqvbQQ8jAOcvZAoGJHBfrSou0%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709febf63738-FRA expires Sat, 13 Apr 2024 10:59:17 GMT
GET H3	200	process.js Show response dualeotruyenkq.com/js/	57 KB 8 KB	680ms 680ms	Script application/x-javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/process.js?t=1713021623 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ded8fed1404554c354790244a8ce20cfc00b2e6d125ab9c4bda3f7faf46d1eb Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Nov 2023 03:41:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e5f3-65446bff-3400444;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1juZk7NoL7n%2FwcK%2FVnQhjtTT8MUDwxtfU3xhXGgwonwPbMuQzs83QAd1%2FFR3ALqkAo4fbObrdCfREjVWPNfHbE5%2B%2FaT4D6cwE0FIc9dpbodSuMj5RytQ8m6FCx%2F9C%2FwFHKSp5w%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c709febf73738-FRA alt-svc h3=":443"; ma=86400 expires Sat, 20 Apr 2024 15:20:24 GMT
GET H3	200	chat.js Show response dualeotruyenkq.com/js/	5 KB 1 KB	687ms 687ms	Script application/x-javascript	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/js/chat.js?t=1713021623 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bca303d704b06c958b927a7cb70a6bac006959466f155ee4b279ed3678a6b2cc Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Mar 2024 15:14:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1538-65f3144d-3400415;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrpcgTDxxVu3tpEkTcfCQExtgZ3ceQHWl56hs5sdd5NhAvtCHiO9G1VRCGsLBNKlvpL5dY9kG4%2FwhDZ%2BbzEizwjcjtPAgdBa1BZIip0Fg8lHfnEqIlbqSWvogIBxIaClJrpHTBw%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 873c70a01c2b3738-FRA alt-svc h3=":443"; ma=86400 expires Sat, 20 Apr 2024 15:20:24 GMT
GET H3	200	load.gif dualeotruyenkq.com/images/	45 KB 46 KB	34ms 34ms	Image image/gif	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dualeotruyenkq.com/images/load.gif Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe183813dca914d88f8a7b265fa06b6520b13c3b491547ada14e3b3c5e0849c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 394 alt-svc h3=":443"; ma=86400 content-length 46543 last-modified Tue, 05 Oct 2021 11:28:36 GMT server cloudflare etag "b5cf-615c36e4-2c07c93;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjbaWjLaq2PxUDXAcRveHBQx8Vf9BYiiXUybGvmtryaFU%2BPUpSgMeWNPkeMQ5KbBe1ABSMFll7XzDWZBNFFf4Fn8iQGyPskbqk5dv95pLMBhggAI7UQX%2Flo6Tn1Sf4J1b5wwXm0%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a1fe8c3738-FRA expires Sat, 13 Apr 2024 10:59:18 GMT
GET H2	200	likebox.php www.facebook.com/plugins/ Frame 5C3B	0 0	226ms 173ms	Document text/html	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/dualeotruyen&colorscheme=light&show_faces=true&stream=false&header=false&width=300 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://dualeotruyenkq.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding zstd content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy unsafe-none;report-to="coop_report" cross-origin-resource-policy cross-origin date Sat, 13 Apr 2024 15:20:24 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT origin-agent-cluster ?0 permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" pragma no-cache report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=2756, tp=-1, tpl=-1, uplat=150, ullat=0 x-fb-debug V2yrAdRPD83dgraZwh7tNKi8DzXBUci+sZqQRYCJ0qq9D2zXjPNg0o+acIWx8p/kXKh+muCGEssL8w+euX/tCA== x-xss-protection 0
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	126ms 75ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 03:50:46 GMT x-content-type-options nosniff age 41378 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Apr 2025 03:50:46 GMT
GET H3	200	fontawesome-webfont.woff2 dualeotruyenkq.com/fonts/	75 KB 76 KB	44ms 43ms	Font font/woff2	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/skin/css/font-awesom.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/skin/css/font-awesom.css Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5497 alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Tue, 05 Oct 2021 11:28:38 GMT server cloudflare etag "12d68-615c36e6-118059e3;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qqwg6Z5xmF3kz15xnZKR7oj2sf8HWx6iFfzQ7VsQcohxq%2B0bAd%2BllMi5iy7zvqG3vHkFvgBg7Sx4DWU1YIuQ8pkYPH1uen6zDvxsx9SzfHrfdK%2BU3SY6W2BSmbkc1VzzOUHDOY%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a23f043738-FRA expires Sat, 13 Apr 2024 11:02:22 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	82ms 31ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Apr 2024 19:07:30 GMT x-content-type-options nosniff age 591174 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11824 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Apr 2025 19:07:30 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	77ms 27ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 00:45:23 GMT x-content-type-options nosniff age 52501 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Apr 2025 00:45:23 GMT
GET H3	200	icomoon.woff dualeotruyenkq.com/fonts/	213 KB 96 KB	59ms 58ms	Font application/font-woff	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/fonts/icomoon.woff?3p0rtw Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/skin/css/icomoon.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 657d012c7e3e3bb465f0c70f6088d9844a36835dd74ff9756bac4c78c853b1b3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/skin/css/icomoon.min.css Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding br cf-cache-status HIT last-modified Tue, 05 Oct 2021 11:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 759 etag W/"354c0-615c36f4-118059ec;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqtZfpVCsLh%2BvhfoDxqASUOYb9ELQQ%2Bkta%2Fh6hhutXysLdK%2FB6ZqjnFPG1MtdQ45kFBgsBpYQcxrOxRrQ%2FBCvn%2BZPvUglV46JnQCNIQsLZWKDQ%2F%2Bf3js1bdpeXUCBgFKhetTVV8%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 873c70a23f063738-FRA alt-svc h3=":443"; ma=86400
GET H2	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	126ms 76ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 09 Apr 2024 17:08:58 GMT x-content-type-options nosniff age 339086 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5560 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Apr 2025 17:08:58 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	127ms 76ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 17:31:57 GMT x-content-type-options nosniff age 164907 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5548 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Apr 2025 17:31:57 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	124ms 74ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100:300,400,500,700,900|Material+Icons|Open%20Sans:bold,regular|Tinos:bold,regular|Cormorant%20Upright:bold,regular|Roboto:bold,regular|Baloo%20Bhaina:bold,regular|Lobster:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 09 Apr 2024 03:29:55 GMT x-content-type-options nosniff age 388229 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Apr 2025 03:29:55 GMT
GET H3	200	bl-ngan-chich-hony-1711552217.jpg img.imgdualeo.com/upbia/	186 KB 186 KB	56ms 54ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/bl-ngan-chich-hony-1711552217.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0226c2655aa78eeff2db870164ab5b4079836caae4f5806d4d482917eee798b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 258962 cf-polished origSize=218536 alt-svc h3=":443"; ma=86400 content-length 190023 cf-bgj imgq:100,h2pri last-modified Wed, 27 Mar 2024 15:10:17 GMT server cloudflare etag "355a8-660436d9-2055ee9;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvHNgBfHrLZbP%2FKIc6Gv0T0Ydtpj9x%2B7lJtD2yl5s51LHXeMSF%2F8Hs2K9IAuX7e06yRdjsdlI42sQWgeccq6E64ObQ%2F6burWBgLEfRLpMxQDF8pokJLWP2sqi%2BJIaAk4ILCW"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228d71ac7-FRA expires Tue, 09 Apr 2024 21:42:45 GMT
GET H3	200	list-truyenss-ngan-chit-chit-1712423208.jpg img.imgdualeo.com/upbia/	1 MB 1 MB	60ms 58ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/list-truyenss-ngan-chit-chit-1712423208.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98d50e53f5d52e17388b3bf4cdb64ef2a089a3a980c50cec7ab6a37c8caf4c3f Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 597618 cf-polished origSize=1629186 alt-svc h3=":443"; ma=86400 content-length 1373349 cf-bgj imgq:100,h2pri last-modified Sat, 06 Apr 2024 17:06:48 GMT server cloudflare etag "18dc02-66118128-206971a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6Q8ltu27Tuxu2%2ByjgVWH2AXFt9o4n8Gamy8n8zG9BI1nPnkUNpmwXo%2BJe%2FKf297mZcjO0uKSY4f7izumkYwTaIX6Vpr2BD50g1AtmI7My2aumg3kFxOb37WRkzboM9bAyie"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228d81ac7-FRA expires Sat, 13 Apr 2024 17:06:49 GMT
GET H3	200	o-day-co-yaoi-hoi-bi-choay-1713013104.jpg img.imgdualeo.com/upbia/	307 KB 308 KB	32ms 30ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/o-day-co-yaoi-hoi-bi-choay-1713013104.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4833c11898aa72d6b054bded0eb97cd337815c7806d55cdf4410905104aa800d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8313 cf-polished origSize=320323 alt-svc h3=":443"; ma=86400 content-length 314757 cf-bgj imgq:100,h2pri last-modified Sat, 13 Apr 2024 12:58:24 GMT server cloudflare etag "4e343-661a8170-206956a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMKCxbW7u8G28xs1teWyzpa3XmDCc%2FjSFMgp2NEcioe2lIGq0aWqSc5tFlkCJKZXIyOteP0lBtISpMKFYNisPNkks3bz1XTbCD0qLeyAhOKQXKE0Xj%2BtwykHnZIMRZe7zx5U"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228dc1ac7-FRA expires Sat, 20 Apr 2024 12:58:25 GMT
GET H3	200	o-sin-otp-1712328876.jpg img.imgdualeo.com/upbia/	476 KB 476 KB	170ms 168ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/o-sin-otp-1712328876.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10aeba914b367b135575315115e15756a0c3f34d44b2400d3f9689dd1472352f Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 83781 cf-polished origSize=508905 alt-svc h3=":443"; ma=86400 content-length 486976 cf-bgj imgq:100,h2pri last-modified Fri, 05 Apr 2024 14:54:36 GMT server cloudflare etag "7c3e9-661010ac-206970a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLoBqWl8p6FmIpdmSaqWnqpBpLV5dOkWduAa8MvMijfHWGe2UDP62iTfzPktW52f%2B1p%2F7IukCiJOl0OGleBcSE3NLuxOzcRVbqdISHhB%2BvYxpzzibdFwSVr95hCTrWKcQFs8"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228dd1ac7-FRA expires Fri, 12 Apr 2024 14:54:39 GMT
GET H3	200	bl-ngan-tuyen-chon-1711243465.jpg img.imgdualeo.com/upbia/	191 KB 191 KB	193ms 192ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/bl-ngan-tuyen-chon-1711243465.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d09114459c25d168f355a239c114c7cefb02763982877b5197a7f347088a5b93 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 416973 cf-polished origSize=235988 alt-svc h3=":443"; ma=86400 content-length 195404 cf-bgj imgq:100,h2pri last-modified Sun, 24 Mar 2024 01:24:25 GMT server cloudflare etag "399d4-65ff80c9-204981a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLXtE9CPpSnWe%2BueewmK%2BV6sOWvqhWyHkhb5k0Q9YK3CLmsPvFtl5XcNdcvhJhUULMyCb46pazbFNrs%2FEKFQouZ9RCojDwXMQ0Vv5EKqOWgPtn5FHP5U6zoiJoQpbUr7TfwA"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228de1ac7-FRA expires Tue, 09 Apr 2024 19:10:02 GMT
GET H3	200	tinh-yeu-hoa-le-no-1695808702.png img.imgdualeo.com/upload/	30 KB 31 KB	211ms 210ms	Image image/png	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/tinh-yeu-hoa-le-no-1695808702.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3314a38b038372b7a36e9d22428e8431b4a95fd9cf91a1e415db23e48b55bf23 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 395372 cf-polished origSize=32188 alt-svc h3=":443"; ma=86400 content-length 31160 cf-bgj imgq:100,h2pri last-modified Wed, 27 Sep 2023 09:58:22 GMT server cloudflare etag "7dbc-6513fcbe-401d54e;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wOxuoFZksliU30TrA3fd0ihHAJm9ZQXzKhg0skJGpbSB68G99lFX%2FAjquYwGpWNPXOctcs9bO8DOPf8%2BdrndDJWxklr9drRXym07LFKATP1y3SNQ2%2FWEoqCDNcTnPJ%2BLKEy"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228df1ac7-FRA expires Tue, 09 Apr 2024 20:16:24 GMT
GET H3	200	codename-anastasia-1682862456.jpg img.imgdualeo.com/upload/	24 KB 25 KB	212ms 211ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/codename-anastasia-1682862456.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 299e028c8a6c2f8748a901589390ad502d034eda8dd29458ead42b909d6f8d67 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 419832 cf-polished origSize=26139 alt-svc h3=":443"; ma=86400 content-length 25048 cf-bgj imgq:100,h2pri last-modified Sun, 30 Apr 2023 13:47:36 GMT server cloudflare etag "661b-644e7178-4006f25;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kfqv2aeveZ8nDqFGHX51BuEoM0mX%2FQslPJgpBvKkB5%2BaruJMqWzG7yMnC%2FbElHwrPQcgsoJn82hxqTvJF9nIRK9P9TBEP09ExAZnpGzZBE%2FpAY2AHJAELvQGatJaLkXKc5HN"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228e11ac7-FRA expires Tue, 09 Apr 2024 17:16:23 GMT
GET H3	200	oneshot-hony-nha-ro-lai-1712629798.png img.imgdualeo.com/upbia/	667 KB 668 KB	212ms 211ms	Image image/webp	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/oneshot-hony-nha-ro-lai-1712629798.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce09d55a1fe588312973d46656b4bc290bd3b25b64205da8cb403fce2c5ed8fa Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 390258 cf-polished origFmt=png, origSize=1128509 content-disposition inline; filename="oneshot-hony-nha-ro-lai-1712629798.webp" alt-svc h3=":443"; ma=86400 content-length 683200 cf-bgj imgq:100,h2pri last-modified Tue, 09 Apr 2024 02:29:58 GMT server cloudflare etag "11383d-6614a826-2069739;;;" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBQWADfwOz82%2FlBLth%2FmcutG39qflMa3XLxPHR2WYdPFpEI18TjZDzZxH1qrGY%2Bo7uoMatL%2Ffdq2KwFo52IEfVzXld19dXnNuCUCJx8zrGnaBsJN87WlkSi5YiYoWhINE0SZ"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228e21ac7-FRA expires Tue, 16 Apr 2024 02:29:59 GMT
GET H3	200	khoang-cach-vuot-qua-gioi-han-1694006372.jpg img.imgdualeo.com/upload/	26 KB 26 KB	254ms 252ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/khoang-cach-vuot-qua-gioi-han-1694006372.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d87d92be1b96f68a23294d675dfccf641dbed5ba98c6c2824b6ce0e8b63e7dd0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 416972 cf-polished origSize=27374 alt-svc h3=":443"; ma=86400 content-length 26473 cf-bgj imgq:100,h2pri last-modified Wed, 06 Sep 2023 13:19:32 GMT server cloudflare etag "6aee-64f87c64-40dee5f;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13LF0ugfN3bpsS4hcDshTURTPFF4S%2Fx0Sl1ie84ERk8LJDUqVzaa4aEKIrewTx2LjUH4u95o2HdxU3vByL%2FR7At7cBZY2P5N%2FHd%2BgWJKDZuHF6LrldDhzFnJgf9OIVAqUzht"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228e31ac7-FRA expires Tue, 09 Apr 2024 19:10:17 GMT
GET H3	200	tuyen-tap-nhat-thu-da-cong-cua-nha-kim-1711890049.jpg img.imgdualeo.com/upbia/	265 KB 266 KB	255ms 254ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/tuyen-tap-nhat-thu-da-cong-cua-nha-kim-1711890049.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce84bac24177db6860e9866ca4ef30ab55ce8d6dbf924fb90465dd58280102a3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522643 cf-polished origSize=311752 alt-svc h3=":443"; ma=86400 content-length 271785 cf-bgj imgq:100,h2pri last-modified Sun, 31 Mar 2024 13:00:49 GMT server cloudflare etag "4c1c8-66095e81-2055ef7;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEw%2FfR78yNsD3VPSthYbMsVDIYZC1ya%2FUvhzk46l0ZRXKXcD3l03W0TxyuHrt9EsXIJ7O4lJ7w2t8KngifvvLjun94MfF98AL2j5OgTMVzXsn0kvCstER8PC9%2FkJPXuqeKdW"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228e51ac7-FRA expires Tue, 09 Apr 2024 20:17:04 GMT
GET H2	200	SOMfbfam.jpg i.imgur.com/	12 KB 12 KB	36ms 35ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/SOMfbfam.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 0838f0d87b3022190f154cd85e7bba1cbcb79e08ae461161f2f2728ac3b84d35 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 2669967 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 12305 x-served-by cache-iad-kcgs7200103-IAD, cache-fra-etou8220020-FRA x-amz-expiration expiry-date="Thu, 21 Mar 2024 00:00:00 GMT", rule-id="Expire Thumbnails" last-modified Wed, 13 Mar 2024 16:11:26 GMT server cat factory 1.0 x-timer S1713021625.676688,VS0,VE1 etag "e35768b764d1da298cb529ea5426a95f" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id D1_WgAApcFBDQy0M4dHCOQSPLl9t9zogs6Z5CyDI4D91dxPqITZw6w== x-cache-hits 268, 0
GET H2	200	HQxIXMrm.jpg i.imgur.com/	17 KB 17 KB	89ms 88ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/HQxIXMrm.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash ce4bd549ed9f32818b574db803facbc1beb934fb828c3d48105b572f81e31515 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 643840 x-cache HIT, HIT content-length 16912 x-served-by cache-iad-kjyo7100164-IAD, cache-fra-etou8220020-FRA last-modified Sat, 06 Apr 2024 04:29:44 GMT server cat factory 1.0 x-timer S1713021625.677696,VS0,VE1 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 136, 0
GET H3	200	-1710857055.jpg img.imgdualeo.com/avata/	152 KB 152 KB	283ms 282ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/avata/-1710857055.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d63e85bfb375030bc6db6a96f8a262eaa910eeebe83fcbbc0ebffe6dba28aa5c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 395371 cf-polished origSize=164485 alt-svc h3=":443"; ma=86400 content-length 155545 cf-bgj imgq:100,h2pri last-modified Tue, 19 Mar 2024 14:04:15 GMT server cloudflare etag "28285-65f99b5f-4c3862c;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0hpeGmU6fXSKGhCe%2BVBOV3kki6NqaSvXRXFDgB4SUxAKGw3CManpuVbjnjwMTeAMWFPUQzRk9BFIYitfvOQIi0CNNjbD9o%2F8c%2Fe%2BKVv4cCG2SNZ6STkh2zr6FI%2BMYNHYjcn"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a228e61ac7-FRA expires Tue, 09 Apr 2024 21:42:47 GMT
GET H2	200	T7v1jZRm.png i.imgur.com/	11 KB 12 KB	88ms 87ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/T7v1jZRm.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 89c2b0925b1e760708ed8a704cfcd344bcdc57d7052266a0d25ccea1694ddbb9 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 650386 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 11420 x-served-by cache-iad-kiad7000136-IAD, cache-fra-etou8220020-FRA x-amz-expiration expiry-date="Tue, 30 Jan 2024 00:00:00 GMT", rule-id="Expire Thumbnails" last-modified Mon, 22 Jan 2024 13:39:19 GMT server cat factory 1.0 x-timer S1713021625.677201,VS0,VE1 etag "ff8173842dfe1b989dcca70485ed4a18" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id VYEu66cdGSNbHpJD_g06edYrrTzm_28F7YqiZIRQn6vDRXStoOsnyQ== x-cache-hits 2757, 0
GET H2	200	Zt2Wyeym.jpg i.imgur.com/	12 KB 12 KB	51ms 50ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Zt2Wyeym.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash fa8f88709afab05034004c320bdc94c4b94f3c71f3d82e6437d0f55646e573e5 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 725636 x-cache HIT, HIT content-length 12437 x-served-by cache-iad-kjyo7100114-IAD, cache-fra-etou8220020-FRA last-modified Fri, 05 Apr 2024 05:46:28 GMT server cat factory 1.0 x-timer S1713021625.677263,VS0,VE1 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 432, 0
GET H2	200	WYGuBidm.jpg i.imgur.com/	15 KB 15 KB	77ms 76ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/WYGuBidm.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash ec91e2ab8e3c7d276dc0191e557ec33754e27fb536780bcb6428516bd71cbc4d Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop MIA3-P5 age 662425 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 15360 x-served-by cache-iad-kjyo7100036-IAD, cache-fra-etou8220020-FRA x-amz-expiration expiry-date="Sat, 30 Mar 2024 00:00:00 GMT", rule-id="Expire Thumbnails" last-modified Fri, 22 Mar 2024 09:17:32 GMT server cat factory 1.0 x-timer S1713021625.677162,VS0,VE1 etag "024fff1a9671b9e8c754d96e35a3e1ba" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id HdwdrO5PupV_qPMn1LRZpeWhXl4CEssBK9Qz26IWwbXVne2OyCNXfQ== x-cache-hits 220, 0
GET H2	200	Ju7dRx0m.jpg i.imgur.com/	27 KB 27 KB	52ms 51ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Ju7dRx0m.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 723b54e67afe91368d93eabbe32bdd9c4b6af7295b4b57677f24077f488b5fdd Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 549124 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 27578 x-served-by cache-iad-kcgs7200149-IAD, cache-fra-etou8220020-FRA x-amz-expiration expiry-date="Tue, 12 Mar 2024 00:00:00 GMT", rule-id="Expire Thumbnails" last-modified Mon, 04 Mar 2024 06:37:04 GMT server cat factory 1.0 x-timer S1713021625.677154,VS0,VE1 etag "bde798f69327b874e32008150e531469" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id sEX8s8pAEO-C_nSCM3GsGuTeCZjEXv94DtOsnn7XvcagE0Ipe40wJg== x-cache-hits 127, 0
GET H2	200	kmjTsRAm.jpg i.imgur.com/	22 KB 22 KB	40ms 39ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/kmjTsRAm.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 2bcefdc50bbd0a5956eded137494b21fcab8bd8c4650a03b7790797f2d88126b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 555529 x-cache HIT, HIT content-length 22105 x-served-by cache-iad-kiad7000129-IAD, cache-fra-etou8220020-FRA last-modified Sun, 07 Apr 2024 05:01:35 GMT server cat factory 1.0 x-timer S1713021625.677156,VS0,VE1 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 18, 0
GET H3	206	chat.mp3 dualeotruyenkq.com/uploads/	27 KB 28 KB	61ms 60ms	Media audio/mpeg	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/uploads/chat.mp3 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 784f03d9bb164d5c18cbb84763b035710d302a82b569039614d0f61175918f58 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Referer https://dualeotruyenkq.com/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5649 Content-Range bytes 0-27722/27723 alt-svc h3=":443"; ma=86400 Content-Length 27723 last-modified Tue, 05 Oct 2021 11:38:30 GMT server cloudflare etag "6c4b-615c3936-118059f7;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GK4Ft%2BeAEsy73D32oRJRq07T%2B9CpPdDp9uQopp2%2BdL9MywUe8V2kf6V44k7NxoRhngsQuuCKazmSAx1sesCuAY%2B2rFXhcQLgmXFOpCuLH%2FGJQWYEztMDrOT8EpidOAFHTADSWEo%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 873c70a23efa3738-FRA
GET H3	206	global_message.mp3 dualeotruyenkq.com/uploads/	32 KB 32 KB	37ms 37ms	Media audio/mpeg	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dualeotruyenkq.com/uploads/global_message.mp3 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ee45cc197de09267ac4d7a1bcef446c039d60e5e7d28b62d1256d7d5abb9c79 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Referer https://dualeotruyenkq.com/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6139 Content-Range bytes 0-32632/32633 alt-svc h3=":443"; ma=86400 Content-Length 32633 last-modified Tue, 05 Oct 2021 11:38:30 GMT server cloudflare etag "7f79-615c3936-118059f8;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FT%2BppAfJ7mplyntJ0bWZYHuDxNFE29YJYtGKhLstATO1%2FOsVJGbT7G%2FWJbq%2B3FGRSsMqS2MTeIc8rlt2K4i%2BcKsHPV%2FLmfTtVzfQowzVWF1MMGD8RU9v1osXYNOKkrMrlYIj1Sg%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 873c70a23efb3738-FRA
GET H3	200	user.png dualeotruyenkq.com/images/	9 KB 9 KB	32ms 32ms	Image image/png	172.67.139.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dualeotruyenkq.com/images/user.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50eac83c8f3c17c574d2cab04ce0f1eb85f3f9ad91f548d896d81a97f48bfa68 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1082 alt-svc h3=":443"; ma=86400 content-length 8938 last-modified Tue, 05 Oct 2021 11:28:26 GMT server cloudflare etag "22ea-615c36da-2c07ca0;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aagw2QAxKVEs4wbtlY%2FyGlibInq8e3w%2BQ1ARW7TyvataH3WjQPh1dKEsbqsFnpB5vryD1%2F6KYYl3Io3hG4aqUdH8fCopHbnczeP8RmJaUyDJ2nHhCwI3cvbkeV8tnzvyZPD5kdk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a23efc3738-FRA expires Sat, 13 Apr 2024 10:59:57 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	134ms 72ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-9GN0NB8WPK&gtm=45je44a0v9104508192za200&_p=1713021624618&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1364741238.1713021625&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713021624&sct=1&seg=0&dl=https%3A%2F%2Fdualeotruyenkq.com%2F&dt=%C4%90%E1%BB%8Dc%20Truy%E1%BB%87n%20Tranh%20Online%20Mi%E1%BB%85n%20Ph%C3%AD%20Nhanh%20Nh%E1%BA%A5t%20-%20DuaLeoTruyen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1601 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9GN0NB8WPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 13 Apr 2024 15:20:24 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dualeotruyenkq.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	doi-thu-khong-doi-troi-chung-cuoi-cung-cung-pha-san-1702134033.jpg img.imgdualeo.com/upload/	26 KB 26 KB	259ms 259ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/doi-thu-khong-doi-troi-chung-cuoi-cung-cung-pha-san-1702134033.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bf7ddcda86a126af9e81d2bbc115f5f672ce56aa07e33489c447bd4a23bebc5 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 60403 cf-polished origSize=27343 alt-svc h3=":443"; ma=86400 content-length 26160 cf-bgj imgq:100,h2pri last-modified Sat, 09 Dec 2023 15:00:33 GMT server cloudflare etag "6acf-65748111-404268e;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFjzFqd4NSyE3RjHwoDHik9avFaOmXvSWUqqM3Wg3Lj1Kw%2BQO1SUtQ5ZQx5ppxbwIkN1DXJKq9fd3gdfU3Z7RzT8mBdCSxp%2FvvbhFhNlR41smj8Bo4OrgnnrF11I2kx6cO0v"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a2692d1ac7-FRA expires Tue, 09 Apr 2024 19:12:06 GMT
GET H3	200	quan-he-cong-sinh-cua-mat-trang-va-mat-troi-1712765553.jpg img.imgdualeo.com/upbia/	301 KB 301 KB	260ms 260ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/quan-he-cong-sinh-cua-mat-trang-va-mat-troi-1712765553.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c73c3f9e69d3df63e6ceb68acf516bed06219b48556ee2499a3fcb7efcd6acdd Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 255547 cf-polished origSize=314073 alt-svc h3=":443"; ma=86400 content-length 307876 cf-bgj imgq:100,h2pri last-modified Wed, 10 Apr 2024 16:12:33 GMT server cloudflare etag "4cad9-6616ba71-2069550;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dp3giHrLchn5kzesuVtTlg%2Bn85nS3pOW8mh5fZeDTzsk1%2BDxCYas6GVppsWO2r70RlJxpoboAeZvh9vaWnqqITcy6xOMcu%2FDe3uQjTMGWx9Xi5DdbFhINYCuIKc1%2FmNz7hdl"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a2692f1ac7-FRA expires Wed, 17 Apr 2024 16:12:39 GMT
GET H3	200	blaze-ou-1704723694.jpg img.imgdualeo.com/upload/	21 KB 21 KB	282ms 281ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/blaze-ou-1704723694.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1be26bcc0dcb015e2461277ab7b828c4034a165b93375c5179299ae21a23932 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 338822 cf-polished origSize=21884 alt-svc h3=":443"; ma=86400 content-length 21125 cf-bgj imgq:100,h2pri last-modified Mon, 08 Jan 2024 14:21:35 GMT server cloudflare etag "557c-659c04ef-4045efd;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2MYlakN8EMi%2F%2F80RRp1sNSHecti6Ni8J%2B%2FMNRs3a8JKyxhod5W6dbOAXuoCoQJZCyEanGrkDPDH%2Bk%2FYDN14nOAMseE8%2Bexz1dkSrliehcfRZO%2BhImIts%2Fkis3rKQszNiuy2"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a269311ac7-FRA expires Tue, 09 Apr 2024 21:43:24 GMT
GET H3	200	tuyen-tap-genshin-impact-1691290374.jpg img.imgdualeo.com/upload/	24 KB 24 KB	283ms 282ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/tuyen-tap-genshin-impact-1691290374.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e37ff5671e6a73548dfc13e53709258988bf132d0a27ced5815af89a4213865c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1182 cf-polished origSize=25482 alt-svc h3=":443"; ma=86400 content-length 24355 cf-bgj imgq:100,h2pri last-modified Sun, 06 Aug 2023 02:52:54 GMT server cloudflare etag "638a-64cf0b06-4016db5;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsH3NJ7pBfGhVk1DfBOVtL6JREjBztUSQe4fQIbLvZ4%2BrOD0ptFJtL8zMnoVglntSbSpVtwsxZ4%2F%2FX8u2cCmIPqL32Rc3LuKKRCoufV7C2GP6UORWIkEFbkUwJqr156ucpZY"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a269331ac7-FRA expires Tue, 09 Apr 2024 20:18:49 GMT
GET H3	200	cap-tren-1652369571.jpg img.imgdualeo.com/uploads/minh_hoa/	23 KB 24 KB	285ms 284ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/uploads/minh_hoa/cap-tren-1652369571.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33cf6d624b7dd4748ac8a1ad38844046490e9f9a899eee470514b4053efdcdf3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 326724 cf-polished origSize=24853 alt-svc h3=":443"; ma=86400 content-length 23983 cf-bgj imgq:100,h2pri last-modified Thu, 12 May 2022 15:32:51 GMT server cloudflare etag "6115-627d28a3-1033c67;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVSWbCzhVkSUe4YYTLewgc2Vo%2FSgvlBOuhfbeYZMhrC%2FHMyA7uUVE4EAX%2BvdOA0oNalcg37Ljwlw7cYV6HYO4ubfHkLqmoyw3sfrkSNfVeGaVJiHCIy7U%2B%2B2ViONR58jrkd1"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a269341ac7-FRA expires Tue, 09 Apr 2024 17:17:30 GMT
GET H3	200	bang-dang-samgeori-1710169135db6kEYC.jpeg img.imgdualeo.com/bia/	146 KB 146 KB	289ms 288ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/bia/bang-dang-samgeori-1710169135db6kEYC.jpeg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac8e8fa6511232a7a52ffbc08631e60f84d0f4ec983c5b3a8a5649dc262931a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 426475 cf-polished origSize=157749 alt-svc h3=":443"; ma=86400 content-length 149039 cf-bgj imgq:100,h2pri last-modified Mon, 11 Mar 2024 14:58:55 GMT server cloudflare etag "26835-65ef1c2f-440629d;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLWWKbpGbojnghbrqSznZtig1ztF76gWxp5%2BoCtyD0dkhLQocZruNcFuRcX%2BZxNWMbVoJgwiYAJWo86IL5pyR2Ug9JOOelQzE7yvhl%2F6RxoGWqTrAK9PJziEbHUFP6KAbGxR"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a269361ac7-FRA expires Tue, 09 Apr 2024 20:25:17 GMT
GET H3	200	nam-thang-qua-1712321360.jpg img.imgdualeo.com/upbia/	614 KB 614 KB	294ms 294ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/nam-thang-qua-1712321360.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0417d2f9a643b90078d2cf7ac35858fa490d19f3fdf61200a8eef281cfb346df Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 146919 cf-polished origSize=672410 alt-svc h3=":443"; ma=86400 content-length 628580 cf-bgj imgq:100,h2pri last-modified Fri, 05 Apr 2024 12:49:21 GMT server cloudflare etag "a429a-660ff351-2069706;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrQoIExI9pZkoDB4zrfe4%2BMG9OPOWiYAadCHTRFfDxhDSt1KxA46R5AXvqlv1jrl2R2Fq4U1PqW2BtaGmmPUlcXSUk4B4bVGDta8z8Ra%2B1aD9T9WiaTmE7BSnVSVUPSkF8zA"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a269371ac7-FRA expires Fri, 12 Apr 2024 12:49:24 GMT
GET H3	200	thang-12-1710775662.jpg img.imgdualeo.com/upbia/	414 KB 414 KB	336ms 335ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/thang-12-1710775662.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f68e78b93d1eb267baeacb834e26d1d7428b15abfe7a0446a0694813eaaf8f0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 271754 cf-polished origSize=460890 alt-svc h3=":443"; ma=86400 content-length 423716 cf-bgj imgq:100,h2pri last-modified Mon, 18 Mar 2024 15:27:42 GMT server cloudflare etag "7085a-65f85d6e-2000e63;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tG0ICeooqZdDREO2pmm5eC5FpRRCrpDnyY1LoXrhKAn0fxn4zAopoBdR1IYQBJXyqxKcs3jNGNNQbRBELOcbUL1TrRAz4X7ZzMFaJCf%2BuhZVi9ftrmgVOhMde5bqQIkJ0cBL"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a269391ac7-FRA expires Tue, 09 Apr 2024 21:43:16 GMT
GET H2	200	2020620 Show response t7cp4fldl.com/get/	4 KB 2 KB	27ms 26ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://t7cp4fldl.com/get/2020620?zoneid=2020620&jp=_clkj3ssg5gb3f44ahb0m5y&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=7430613979675648&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&freq=0&uf=0 Requested by Host: t7cp4fldl.com URL: https://t7cp4fldl.com/lv/esnk/2020620/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 9fe9e4e681d2b373958bf8c258e711a24c19832b84bf7236d1c30e6ab8029c24 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin *
POST H2	200	solid.gif ku42hjr2e.com/	43 B 638 B	30ms 29ms	Ping image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ku42hjr2e.com/solid.gif?z=2020616&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2364064398899712&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0 Requested by Host: ku42hjr2e.com URL: https://ku42hjr2e.com/aas/r45d/vki/2020616/b909cbf9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT x-route-id stats.tag.loaded server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	2020616 Show response ku42hjr2e.com/get/	37 B 681 B	30ms 30ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ku42hjr2e.com/get/2020616?zoneid=2020616&jp=_cl1mobb053o0w8a7fpb7fj&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2364064398899712&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&uf=0 Requested by Host: ku42hjr2e.com URL: https://ku42hjr2e.com/aas/r45d/vki/2020616/b909cbf9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript x-route-id config timing-allow-origin *
GET H2	200	2020621 Show response t7cp4fldl.com/get/	4 KB 2 KB	30ms 30ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://t7cp4fldl.com/get/2020621?zoneid=2020621&jp=_cl222k4ddd94fx422sqn8b&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=6023239096089088&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&freq=0&uf=0 Requested by Host: t7cp4fldl.com URL: https://t7cp4fldl.com/lv/esnk/2020621/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 4ffcd67ba16732f41cc2f552324aea9f31a6791f2269d681cda3289dc24272ad Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:24 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin *
GET H2	200	2020620 t7cp4fldl.com/sn/ps/ Frame 89EB Redirect Chain https://t7cp4fldl.com/sn/pr/2020620?zoneid=2020620&jp=_clkj3ssg5gb3f44ahb0m5y&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::... https://coosync.com/sn/c?zoneid=2020620&freq=0&srp=13Rl_dOyY88Ulx3dNhfTmZyHdXLkbdfOVIPhUNWjbrpDPnu3gHvxj5L33tqPzBNK8qdQYhg0D--3DOX373nZ2kmt9cWFUmy3uSGNwQoo9Fo= https://t7cp4fldl.com/sn/ps/2020620?freq=0&puid=0&so=1	0 0	29ms 29ms	Document text/html	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://t7cp4fldl.com/sn/ps/2020620?freq=0&puid=0&so=1 Requested by Host: t7cp4fldl.com URL: https://t7cp4fldl.com/lv/esnk/2020620/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://dualeotruyenkq.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-encoding gzip content-type text/html; charset=utf-8 date Sat, 13 Apr 2024 15:20:25 GMT server nginx timing-allow-origin * vary Accept-Encoding x-route-id cookie.user_id.pre_sync.final Redirect headers accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-length 85 content-type text/html; charset=utf-8 date Sat, 13 Apr 2024 15:20:25 GMT location https://t7cp4fldl.com/sn/ps/2020620?freq=0&puid=0&so=1 server nginx timing-allow-origin * x-route-id cookie.user_id.sync
GET H2	200	tghr.js Show response jfjle4g5l.com/aas/r45d/vki/1967345/	103 KB 40 KB	98ms 28ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://jfjle4g5l.com/aas/r45d/vki/1967345/tghr.js Requested by Host: t7cp4fldl.com URL: https://t7cp4fldl.com/lv/esnk/2020620/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 1731461ee0dbeff94d64b2013549ca172a1b5bdfb7ee0aa347238da3dc1f6376 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 13:20:20 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6613ef14-19e1e" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H3	200	eac8e8369f822993a74bcd42cff79241c50fd011.gif cdn.bncloudfl.com/bn/eac/8e8/369/ Frame 17E2	42 KB 43 KB	100ms 31ms	Image image/webp	172.67.214.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.86 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-proxy-cache HIT date Sat, 13 Apr 2024 15:20:25 GMT x-openstack-request-id txdf5cf0c8059146788e813-0064410ba3 cf-cache-status HIT age 156794 cf-polished origFmt=gif, origSize=59549 content-disposition inline; filename="eac8e8369f822993a74bcd42cff79241c50fd011.webp" alt-svc h3=":443"; ma=86400 content-length 43008 x-trans-id txdf5cf0c8059146788e813-0064410ba3 cf-bgj imgq:100,h2pri last-modified Thu, 20 Apr 2023 09:38:39 GMT server cloudflare etag 8288ed0e1e132023537dfdcdda356cd2 vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=432000 x-timestamp 1681983518.92304 accept-ranges bytes cf-ray 873c70a49cdd3a9d-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Sat, 13 Apr 2024 19:47:11 GMT
GET H3	200	eac8e8369f822993a74bcd42cff79241c50fd011.gif cdn.bncloudfl.com/bn/eac/8e8/369/ Frame E183	42 KB 0	77ms 77ms	Image image/webp	172.67.214.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif Requested by Host: t7cp4fldl.com URL: https://t7cp4fldl.com/lv/esnk/2020621/code.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.86 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-proxy-cache HIT date Sat, 13 Apr 2024 15:20:25 GMT x-openstack-request-id txdf5cf0c8059146788e813-0064410ba3 cf-cache-status HIT age 156794 cf-polished origFmt=gif, origSize=59549 content-disposition inline; filename="eac8e8369f822993a74bcd42cff79241c50fd011.webp" alt-svc h3=":443"; ma=86400 content-length 43008 x-trans-id txdf5cf0c8059146788e813-0064410ba3 cf-bgj imgq:100,h2pri last-modified Thu, 20 Apr 2023 09:38:39 GMT server cloudflare etag 8288ed0e1e132023537dfdcdda356cd2 vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=432000 x-timestamp 1681983518.92304 accept-ranges bytes cf-ray 873c70a49cdd3a9d-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Sat, 13 Apr 2024 19:47:11 GMT
GET H2	200	sdk.js Show response connect.facebook.net/vi_VN/	3 KB 3 KB	66ms 22ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk.js Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f5a8a750e18c59cc6a8ea8adeb986ac551deafc93ff9d2ee72e4c4141585aafc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 13 Apr 2024 15:20:25 GMT content-md5 2vyZ/Zgw8O7vYZ6INnvXXA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1688 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1 x-fb-debug Ttu9LEGmT2ziJxzXTLfJTZCpIEO4jl452BSyNA0mLHRCsLuOlULKprueqFQdH3nhwWtwvWx+wHaZ1P3wCoj7gw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 09227a92b54cae0681a0685b50bcb5f2 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "a7895234df4a8827f380a75c08ce40f6" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * expires Sat, 13 Apr 2024 15:34:28 GMT
GET H3	200	sdk.js Show response connect.facebook.net/vi_VN/	298 KB 85 KB	42ms 21ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk.js?hash=36de4dd7e785c93518380256739ec7dd Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash c9cbadb1d13f952ce1c236041750e5fed80f5b5d0603a5d7d1a383665b9e3481 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Origin https://dualeotruyenkq.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 13 Apr 2024 15:20:25 GMT content-md5 rxiD55Xw9FTXl5TojR3zuQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87364 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4278, tp=9, tpl=0, uplat=1, ullat=-1 x-fb-debug zJwTa7X1Hcs5+8urOx5VsD3WacIYpjgLHb51lFUiO5DV3B453uCjOQlevCaEDOlJwUT862yaWnPxj+3lRC2YIA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 81073105bf436fece89a383fc332ca75 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "a56f90f53d8c8279cb1bb0e3148e0c3a" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * priority u=3,i expires Sun, 13 Apr 2025 13:34:24 GMT
GET H3	200	nguoi-tinh-bi-mat-1712497984.png img.imgdualeo.com/upbia/	539 KB 539 KB	48ms 48ms	Image image/webp	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/nguoi-tinh-bi-mat-1712497984.png Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51ebf987fde59082a45e687141a34648cc340f9eb3c1701d8cc44426f8fbfa2f Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 523553 cf-polished origFmt=png, origSize=803140 content-disposition inline; filename="nguoi-tinh-bi-mat-1712497984.webp" alt-svc h3=":443"; ma=86400 content-length 551444 cf-bgj imgq:100,h2pri last-modified Sun, 07 Apr 2024 13:53:04 GMT server cloudflare etag "c4144-6612a540-2069728;;;" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZGQf6tl5UL%2FR6Xjo8CLsQacBqmKlYou3clVLasuli5Z6VQ0Mc%2FSGats6TcwudftEqbkgHQwShYxS64L1svmoxiYf79bl1f8GcsX4rYL80zDhFV2JrynxGsp2tRv2S2f6zP6"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a4dc6c1ac7-FRA expires Sun, 14 Apr 2024 13:53:05 GMT
GET H3	200	khe-uoc-bi-mat-cua-dai-cong-tuoc-xu-bac-1712672189.jpg img.imgdualeo.com/upbia/	337 KB 337 KB	28ms 28ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/khe-uoc-bi-mat-cua-dai-cong-tuoc-xu-bac-1712672189.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691f120efe3f3bf9fd01fe7250259b28ebe5f3f6f4ed6d3fef7dfb35311eef31 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6755 cf-polished origSize=381833 alt-svc h3=":443"; ma=86400 content-length 344626 cf-bgj imgq:100,h2pri last-modified Tue, 09 Apr 2024 14:16:29 GMT server cloudflare etag "5d389-66154dbd-2069544;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxR76iH0XP3yiehfotTvUgR%2FICIydmGAd1J1yk1tRU%2Bmkwg0e3i3g3nxnmJGP8jB3G5I3RPBUn44Pzhp6n2Xab92PLweVela%2Bit1bJzK6b3zihv81u6U1tJmhTaTmjv%2FK%2FNf"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a4dc6e1ac7-FRA expires Thu, 18 Apr 2024 23:09:50 GMT
GET H3	200	ngan-nam-co-mot-1681139634.jpg img.imgdualeo.com/upload/	21 KB 22 KB	73ms 73ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/ngan-nam-co-mot-1681139634.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0950a71498bb3091a1b3c2ac6c866ab798c6271fa316ef92e90e74f84265585 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 352692 cf-polished origSize=22313 alt-svc h3=":443"; ma=86400 content-length 21666 cf-bgj imgq:100,h2pri last-modified Mon, 10 Apr 2023 15:13:54 GMT server cloudflare etag "5729-643427b2-40123ea;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vc5uWrxYzBXI1F%2F8FqnHfQ5gx%2Bpi7vae7rjIDcPKoRLXF7YEausMGVobLmfPToRhqDmGmka7HlnlXmMho4gvH7nvCfSYHHmrkczrgN88Rltquh%2Fo5bihZfqJMnfZ0YjYwdQv"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a4dc6f1ac7-FRA expires Tue, 09 Apr 2024 17:16:28 GMT
GET H2	200	chicken.gif t7cp4fldl.com/ Frame 17E2	43 B 479 B	28ms 26ms	Image image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://t7cp4fldl.com/chicken.gif?z=2020620&pb=7962fefa545c09b03d8ff81a7e1215881713028824&psp=ZtU6KtkIxw94mAB5UpSEtyNy_yUIUYy0rXRRum3kMnQphb4wGAwa4Wvrb9NulcJeL7I6I6soIC-bmYU6bPD97iZJgavKm2xLQPA0uKGGgIcvCUOs3TJ6nQ2cheFEPMZItoOEkNEdZ5e7Jn4PGUNn_1JGZX_kGE9ip_fiGjUXbKt6HYvKo4pBdUXMk3D2YmGXNP7OsBSVMnvbBzYiLDhhaAgiJTYvbggtfELTEgM3kALGB-_sNI1XqlGsFZ0ESzkTrw4HGxrmja-iqVBoR2V99rRLO1bVre__DTBjuholVs2PALeOu-YUIUJmxk4J1JnO9BNCYhRw0R50zP4oaeJaxi5J_4MyYwMS6zhPaK51T9eeTKEutc_NZHzFHkg8GDluAzxPLBC4eTr_Up4hUSnWBdIODcVb0iMJTrx9Mx9_YzrtVMyIJt1auN6IsxPqBCKrsNd85xaEw7FAPnFO_6XuCp5vxMU8zV7NvUayAJOZJ2L6YIh6TJ4VpTH6MZ-fPyB97yloPUnSKJU7nJB7s8yJQOblPTqTWer-l8qJ2pBlx_w0BDmYTl2BnJ8oHPstHfiWwTARgdU-J1C1WAozD-nc&freq=0&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=7430613979675648&tuid=7357371852424214022&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=147 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT x-route-id stats.impression server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	chicken.gif t7cp4fldl.com/ Frame E183	43 B 479 B	29ms 29ms	Image image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://t7cp4fldl.com/chicken.gif?z=2020621&pb=7962fefa545c09b03d8ff81a7e1215881713028824&psp=GDP4rMRGC0cPjPVd0PdHo_qMx_HgHovfDEBJja8-7nKaDVxBAb_fH3FDqGjxvsrIMu5x5OM3FtNRaxJnEBCvjZw58o3MYIoLNeo4qOBIwmvMcaHV1OFns3DzzBgEBcFp-LJq-RHPzwDMDQVlTrWFIq28xP6Qg2McGW9PxImvJogRGW3MPvQSkTta2GqFe_s_pAQTRIjtyCDulN7byRkyGy_EDvmSKrBfhGRNvQhPijbmdCX0yrG8ebeiqOWyAu7buqg-BiWGFR3z9975yfU5E8eoWRylpQLfiOhXq9vjodfUiQm4va-_n3MPcSNnwtfXJAPypIQ7AJc2ydpeObvt4EXh8ffjHtLpoo7wJEdXkiwf7SE88jRPjIuR9xpsnKoAcQmh1IanH08WypL1jmSpxBkwYPZtY2bn5DsrlTyaFgsIFi9Ho56QORF3K7tIBArvnOF7xPsMcOdv1934_iO9Mc9v4aZpJTzkiEUUwtXF4k2BCS1vs33Pyk25FJ1JPqQMawmUe1lZYhoJ5Udniad5muV9W0MmAKco6eFFOwQyn_IrivpoWc0Wf6-lR3kIs45Er_Sq5ciGQ2BFiLE8tHuh&freq=0&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=6023239096089088&tuid=7357371852424214022&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=125 Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT x-route-id stats.impression server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
POST H2	200	solid.gif jfjle4g5l.com/	43 B 638 B	28ms 28ms	Ping image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://jfjle4g5l.com/solid.gif?z=1967345&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2645539375638016&tuid=7357371852424214022&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0 Requested by Host: jfjle4g5l.com URL: https://jfjle4g5l.com/aas/r45d/vki/1967345/tghr.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT x-route-id stats.tag.loaded server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	1967345 Show response jfjle4g5l.com/get/	37 B 682 B	26ms 26ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://jfjle4g5l.com/get/1967345?zoneid=1967345&jp=_clweubk9et76299l3ooe66&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2645539375638016&tuid=7357371852424214022&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&uf=0 Requested by Host: jfjle4g5l.com URL: https://jfjle4g5l.com/aas/r45d/vki/1967345/tghr.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript x-route-id config timing-allow-origin *
GET H2	200	PicsArt_01-15-10.png 1.bp.blogspot.com/-T81u07vc0kU/YAOHfUkvjuI/AAAAAAAAABY/uv1ieVKXmdQ7ole9kpIzR14ubYxJIv1vgCLcBGAsYHQ/s0/	41 KB 41 KB	77ms 22ms	Other image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1.bp.blogspot.com/-T81u07vc0kU/YAOHfUkvjuI/AAAAAAAAABY/uv1ieVKXmdQ7ole9kpIzR14ubYxJIv1vgCLcBGAsYHQ/s0/PicsArt_01-15-10.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 7222363d264e1b7d3aa985af305855ae4f89e4c1994e69d38db60a1451114d17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 13:09:23 GMT x-content-type-options nosniff age 7862 content-disposition inline;filename="PicsArt_01-15-10.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41711 x-xss-protection 0 server fife etag "v17" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 14 Apr 2024 13:09:23 GMT
GET H3	200	thuoc-doc-1708792660.jpg img.imgdualeo.com/upload/	22 KB 22 KB	33ms 33ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/thuoc-doc-1708792660.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2441fa96721b1d46bfb8614e50c53b2bde337b6de73b47cf88dbf7da2231add3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 60422 cf-polished origSize=23363 alt-svc h3=":443"; ma=86400 content-length 22213 cf-bgj imgq:100,h2pri last-modified Sat, 24 Feb 2024 16:37:40 GMT server cloudflare etag "5b43-65da1b54-404e69e;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9SdUvEBgqMvV05Ai2HQ3gBzrNv5hQnf5Ox1l2p7RTmvXjZssV1IxQrx8MwVT5ecpsDsui8hBMkExmmNwLGKOzGFqETXZ6dHeicuAuH0jyoG%2FoRSklUZBs2f%2BVwulKbh8Uqu"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70a5cd9d1ac7-FRA expires Tue, 09 Apr 2024 20:16:52 GMT
GET H2	200	whob.gif t7cp4fldl.com/ Frame E183	43 B 480 B	27ms 26ms	Image image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://t7cp4fldl.com/whob.gif?z=2020621&pb=7962fefa545c09b03d8ff81a7e1215881713028824&psp=GDP4rMRGC0cPjPVd0PdHo_qMx_HgHovfDEBJja8-7nKaDVxBAb_fH3FDqGjxvsrIMu5x5OM3FtNRaxJnEBCvjZw58o3MYIoLNeo4qOBIwmvMcaHV1OFns3DzzBgEBcFp-LJq-RHPzwDMDQVlTrWFIq28xP6Qg2McGW9PxImvJogRGW3MPvQSkTta2GqFe_s_pAQTRIjtyCDulN7byRkyGy_EDvmSKrBfhGRNvQhPijbmdCX0yrG8ebeiqOWyAu7buqg-BiWGFR3z9975yfU5E8eoWRylpQLfiOhXq9vjodfUiQm4va-_n3MPcSNnwtfXJAPypIQ7AJc2ydpeObvt4EXh8ffjHtLpoo7wJEdXkiwf7SE88jRPjIuR9xpsnKoAcQmh1IanH08WypL1jmSpxBkwYPZtY2bn5DsrlTyaFgsIFi9Ho56QORF3K7tIBArvnOF7xPsMcOdv1934_iO9Mc9v4aZpJTzkiEUUwtXF4k2BCS1vs33Pyk25FJ1JPqQMawmUe1lZYhoJ5Udniad5muV9W0MmAKco6eFFOwQyn_IrivpoWc0Wf6-lR3kIs45Er_Sq5ciGQ2BFiLE8tHuh&freq=0&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=6023239096089088&tuid=7357371852424214022&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=125 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT x-route-id stats.banner.view server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	whob.gif t7cp4fldl.com/ Frame 17E2	43 B 480 B	27ms 27ms	Image image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://t7cp4fldl.com/whob.gif?z=2020620&pb=7962fefa545c09b03d8ff81a7e1215881713028824&psp=ZtU6KtkIxw94mAB5UpSEtyNy_yUIUYy0rXRRum3kMnQphb4wGAwa4Wvrb9NulcJeL7I6I6soIC-bmYU6bPD97iZJgavKm2xLQPA0uKGGgIcvCUOs3TJ6nQ2cheFEPMZItoOEkNEdZ5e7Jn4PGUNn_1JGZX_kGE9ip_fiGjUXbKt6HYvKo4pBdUXMk3D2YmGXNP7OsBSVMnvbBzYiLDhhaAgiJTYvbggtfELTEgM3kALGB-_sNI1XqlGsFZ0ESzkTrw4HGxrmja-iqVBoR2V99rRLO1bVre__DTBjuholVs2PALeOu-YUIUJmxk4J1JnO9BNCYhRw0R50zP4oaeJaxi5J_4MyYwMS6zhPaK51T9eeTKEutc_NZHzFHkg8GDluAzxPLBC4eTr_Up4hUSnWBdIODcVb0iMJTrx9Mx9_YzrtVMyIJt1auN6IsxPqBCKrsNd85xaEw7FAPnFO_6XuCp5vxMU8zV7NvUayAJOZJ2L6YIh6TJ4VpTH6MZ-fPyB97yloPUnSKJU7nJB7s8yJQOblPTqTWer-l8qJ2pBlx_w0BDmYTl2BnJ8oHPstHfiWwTARgdU-J1C1WAozD-nc&freq=0&nojs=0&abvar=0&febuild=1.0.221&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=7430613979675648&tuid=7357371852424214022&eclog=0&im=0&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.122%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.122%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=147 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:25 GMT x-route-id stats.banner.view server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H3	200	oneshot-ich-ich-1713013472.jpg img.imgdualeo.com/upbia/	301 KB 301 KB	51ms 51ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/oneshot-ich-ich-1713013472.jpg Requested by Host: dualeotruyenkq.com URL: https://dualeotruyenkq.com/js/lazy.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c74fc91ed649e1bdb66265d9f0a2c894ee54dec7f75a3c8fe944a53361a2edb Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7864 cf-polished origSize=313301 alt-svc h3=":443"; ma=86400 content-length 308014 cf-bgj imgq:100,h2pri last-modified Sat, 13 Apr 2024 13:04:33 GMT server cloudflare etag "4c7d5-661a82e1-206956b;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtR0OXK%2Ft4sNVeXEfc3A9XYeSLJa6gRJ7g1HAHU4dv3d%2BCABNtbnfjqQ4tTpiSKcs0j5Ib6RSpDPWz5FkSrKlwao70ACbXpXTri%2BMaRQVuVZvKWJnmoN1PuCX7qQpjeAYeKS"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70abbcb51ac7-FRA expires Sat, 20 Apr 2024 13:04:37 GMT
GET H3	200	huu-danh-1701858959.jpg img.imgdualeo.com/upload/	25 KB 26 KB	29ms 28ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upload/huu-danh-1701858959.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25ee3ead6f1784e299ab4ddeb539ab580418d6ef2ecc41881c8846734e388057 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 407085 cf-polished origSize=26750 alt-svc h3=":443"; ma=86400 content-length 25601 cf-bgj imgq:100,h2pri last-modified Wed, 06 Dec 2023 10:35:59 GMT server cloudflare etag "687e-65704e8f-404266a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MG%2BEoTTNT0lpF3xxD3C0lX%2B5N%2FSyr6mtngpe7kkPVYpZc001OE7%2BIXGv21vpA8Xb5gupJHmVmAkhUoH1aIraMiN17jebBexzftFrmehtmQz%2Fed9JtEaG%2FRc2Jy5TB%2BOJKWQG"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70abbcb61ac7-FRA expires Tue, 09 Apr 2024 20:17:48 GMT
GET H3	200	dich-vu-van-chuyen-inma-1709900834u0B8etV.jpeg img.imgdualeo.com/bia/	451 KB 452 KB	32ms 31ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/bia/dich-vu-van-chuyen-inma-1709900834u0B8etV.jpeg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b49f17ebc3ede9d634021512c1b0c9041fe58bcce317ff5216f04fd747bcc9fc Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7864 cf-polished origSize=481886 alt-svc h3=":443"; ma=86400 content-length 461973 cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 12:27:14 GMT server cloudflare etag "75a5e-65eb0422-4406270;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvRKM88LyJAvyQorgUuUpP6v6x9xCFv34TpS2qBWFT8JCD%2Bk8mJGFf29bR3smJ5RwhA3yXIbfFsOfv5TUJ5sZO%2BQRjXxJh0H5xHgpUTfNS8IKwr5Bp%2BkvPCoD6rH0iEihMbF"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70abbcb71ac7-FRA expires Tue, 09 Apr 2024 17:19:11 GMT
GET H3	200	boy-love-fan-book-1712238896.jpg img.imgdualeo.com/upbia/	812 KB 813 KB	28ms 28ms	Image image/jpeg	172.67.71.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgdualeo.com/upbia/boy-love-fan-book-1712238896.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bd3a99d9c840cf005ffb4412822bed2e5c30690c934cb732c158e514a24d33c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://dualeotruyenkq.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 15:20:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 60406 cf-polished origSize=868773 alt-svc h3=":443"; ma=86400 content-length 831309 cf-bgj imgq:100,h2pri last-modified Thu, 04 Apr 2024 13:54:56 GMT server cloudflare etag "d41a5-660eb130-2055f1d;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qpRg4wG%2F6lNMac2qp4cO4vXyBWs8ohQo%2FayuFTXnP6gwNbG3yhpPfUvFLq84WSZYS%2FCnK4Vm7wjtvI%2BJxCuAuOWcfnP6yjXOoBrwCm%2BIrwmwFCNnVk%2F%2BJ1E1TJttV46WOoy"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2678400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 873c70acadba1ac7-FRA expires Thu, 11 Apr 2024 13:55:07 GMT