tinhlinh.com Open in urlscan Pro
2606:4700:3031::ac43:d050 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Submission: On May 19 via api (May 19th 2023, 5:26:05 am UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 31 domains to perform 132 HTTP transactions. The main IP is 2606:4700:3031::ac43:d050, located in United States and belongs to CLOUDFLARENET, US. The main domain is tinhlinh.com. The Cisco Umbrella rank of the primary domain is 877514.
TLS certificate: Issued by GTS CA 1P5 on May 11th 2023. Valid for: 3 months.

This is the only time tinhlinh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::ac43:d050	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6812:82e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3037::ac43:bec0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	67.26.111.249 67.26.111.249	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	78.46.97.249 78.46.97.249	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:a14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	8.248.93.249 8.248.93.249	3356 (LEVEL3) (LEVEL3)
1	2606:4700::68... 2606:4700::6812:d2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	136.243.83.47 136.243.83.47	24940 (HETZNER-AS) (HETZNER-AS)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	3.77.69.115 3.77.69.115	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:5a44:5959:c4a0:ed6b	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	27.124.40.253 27.124.40.253	() ()
1	27.124.34.13 27.124.34.13	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
132	34

9 2606:4700:3031::ac43:d050 (United States)

ASN13335 (CLOUDFLARENET, US)

tinhlinh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:82e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:bec0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.26.111.249 (United States)

ASN3356 (LEVEL3, US)

cdn.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.97.249 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.97.46.78.clients.your-server.de

run-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a14 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.248.93.249 (United States)

ASN3356 (LEVEL3, US)

lcdn.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d2d (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.83.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.83.243.136.clients.your-server.de

pxl.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.77.69.115 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-69-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:5a44:5959:c4a0:ed6b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.124.40.253 (None, )

ASN- ()

imgyn.imageshh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.124.34.13 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

pic.picnewss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	369 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	101 KB
14	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 35744 c.adskeeper.com — Cisco Umbrella Rank: 27369 servicer.adskeeper.com — Cisco Umbrella Rank: 34982 s-img.adskeeper.com — Cisco Umbrella Rank: 27177 cm.adskeeper.com — Cisco Umbrella Rank: 37999	247 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	286 KB
9	tinhlinh.com tinhlinh.com — Cisco Umbrella Rank: 877514	530 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	adtrue.com cdn.adtrue.com — Cisco Umbrella Rank: 307599 exchange.adtrue.com — Cisco Umbrella Rank: 233413 track.adtrue.com — Cisco Umbrella Rank: 231358	105 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	318 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	41 KB
3	tsyndicate.com lcdn.tsyndicate.com — Cisco Umbrella Rank: 14362 pxl.tsyndicate.com — Cisco Umbrella Rank: 17204	13 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	106 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037 www.google.de — Cisco Umbrella Rank: 6080	986 B
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13287	3 KB
1	picnewss.com pic.picnewss.com
1	imageshh.com imgyn.imageshh.com
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 315	459 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	713 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 482	875 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	22 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492	63 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 11871	289 KB
1	adskeeper.co.uk cdn.adskeeper.co.uk — Cisco Umbrella Rank: 37295	1 KB
1	run-syndicate.com run-syndicate.com — Cisco Umbrella Rank: 43464	4 KB
1	runative-syndicate.com cdn.runative-syndicate.com — Cisco Umbrella Rank: 42223	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	605 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	7 KB
132	31

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net tinhlinh.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	tinhlinh.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net tinhlinh.com
9	tinhlinh.com	tinhlinh.com static.cloudflareinsights.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	1 redirects tinhlinh.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagmanager.com	tinhlinh.com www.googletagmanager.com track.adtrue.com
4	jsc.adskeeper.com	tinhlinh.com jsc.adskeeper.com
3	s-img.adskeeper.com	tinhlinh.com
3	c.adskeeper.com	jsc.adskeeper.com tinhlinh.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.adtrue.com	tinhlinh.com exchange.adtrue.com
3	fonts.googleapis.com	tinhlinh.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cm.adskeeper.com	jsc.adskeeper.com
2	lcdn.tsyndicate.com	tinhlinh.com
2	servicer.adskeeper.com	jsc.adskeeper.com
2	exchange.adtrue.com	tinhlinh.com cdn.adtrue.com
2	images.dmca.com	tinhlinh.com
1	pic.picnewss.com
1	imgyn.imageshh.com
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	s0.2mdn.net	tpc.googlesyndication.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	ads.pubmatic.com	jsc.adskeeper.com
1	pxl.tsyndicate.com	run-syndicate.com
1	cl.imghosts.com	tinhlinh.com
1	cdn.adskeeper.co.uk	tinhlinh.com
1	run-syndicate.com	cdn.runative-syndicate.com
1	www.google.de	tinhlinh.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.runative-syndicate.com	exchange.adtrue.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	track.adtrue.com	exchange.adtrue.com
1	static.cloudflareinsights.com	tinhlinh.com
132	47

This site contains links to these domains. Also see Links.

Domain
anhtinh.com
www.facebook.com
www.i9bet64.com
www.dmca.com

Subject Issuer	Validity	Valid
tinhlinh.com GTS CA 1P5	`2023-05-11` - `2023-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-26` - `2024-04-25`	a year	crt.sh
adtrue.com GTS CA 1P5	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.runative-syndicate.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-27` - `2023-07-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
run-syndicate.com R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
lcdn.tsyndicate.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
tsyndicate.com R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
imgyn.imageshh.com Buypass Class 2 CA 5	`2022-12-08` - `2023-06-05`	6 months	crt.sh
pic.picnewss.com Buypass Class 2 CA 5	`2023-04-12` - `2023-10-08`	6 months	crt.sh

This page contains 17 frames:

Primary Page: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Frame ID: 23558E62A4104061E9AE3114D211BF9B
Requests: 65 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=42852&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&cb=1816446520&timeZone=0&adWidth=300&adHeight=250&loc=https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Frame ID: C2FCB3F8AD0DF96A2316B4420D55A249
Requests: 2 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=42852&domain=tinhlinh.com&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&loc=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338
Frame ID: FCE5CCFC9E4D793E24727D6DB7AB6A70
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 60917C18237A829E48127D639541B33D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: D7E5246A63CCAC515F474094A9C6E25C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292
Frame ID: 911EAD73A149763CC0BA3999AF5C584D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=200&slotname=7244969317&adk=3892851548&adf=816512716&pi=t.ma~as.7244969317&w=848&fwrn=4&lmt=1684473956&rafmt=11&format=848x200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956020&bpp=1&bdt=335&idt=313&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ouqcxlh3eh&p=https%3A//tinhlinh.com&dtd=316
Frame ID: 55524AA479E19DF038D1C2658AB84F6C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&adk=1812271804&adf=3025194257&lmt=1684473956&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956044&bpp=2&bdt=359&idt=306&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600%2C848x200&nras=1&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=318
Frame ID: 8E2F16573878CB171A08FDFA8B275053
Requests: 1 HTTP requests in this frame

Frame: https://run-syndicate.com/iframes2/e259ae948f60469ea618297f84fe446a.html?&adb=0&clientjs=1&w=1600&h=1200
Frame ID: A58AA327AB7ED33C3D056DB02EDB0251
Requests: 4 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1684473956849444526665
Frame ID: 4B90626FE090F868CE182E5C23217577
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html
Frame ID: F7FBD8D589A2800193E2F9B850DE6B39
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CnOtPZAhnZISqF_LDxtYPtYym6A7Ki5GrcN-Z-rqNEcCNtwEQASCd0MR6YJXikIKgB6ABxvrSuQPIAQmpAsba8cf4DbI-qAMByANIqgTmAU_QiBO8p09BQg012PA2-wYuCkrbnDm55u30sFCveKBX8gTYgWkS8pynSiJrST8GV3phZGQMMUGer1Tc_bQa5wrDA2iOdsA1-AXy3DerzRNj-r5eDoPrV4KJNpmapcH6x9j-EeU1a9JomM1lsQiqLnYWldl6i2nwjx_He9NxiFN8XGqDIFvxsLoPj3e1VQ_lP2Q7JUqBgXHkQYQ6RZXXcZoadVARGD9KcsODnSXEyfbToy5GD9FDioPbMAJcLRp5xeW4PU_gNa-cGpAheWAxGs-x-pWlupc8y9nVpfadVxFBdAgAYR3YwAS3mam5owSSBQQIBBgBkgUECAUYBKAGLoAHusffIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEODqKdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTc2OTk4NTEyMTU1NTE3MhgA&sigh=Vt4bpRMq1sE&uach_m=[UACH]&cid=CAQSKQBygQiDW1LKUEHYstv7VIbRwrdDXvQZ0Bmps-eugwp-IJ48vV_qwVKoGAE&template_id=419
Frame ID: 0AE7477A098B5F29C5A39A11AB007454
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 13B010ACDEF5D8BB3707F19878244076
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 245A44A4FDDA75636BF2734CA568A002
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: FED1FE96DCBDB505E1CEC955C4F5E537
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F4E439953BA9E69E369A9F3F68CF3AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 660D2C918346B34D76E6E80C80BAFE97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Khôn Ninh - Chương 168: Công chúa cải biến

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

132
Requests

91 %
HTTPS

62 %
IPv6

31
Domains

47
Subdomains

34
IPs

8
Countries

2514 kB
Transfer

5646 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://anhtinh.com/?utm_source=partner&utm_medium=tinhlinh&utm_campaign=header
Title: Truyện tranh

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/tinhlinh/
Title: Tham gia group thảo luận về truyện

Search URL Search Domain Scan URL

URL: https://www.i9bet64.com/Register?a=155

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=779fa025-f444-420e-b222-1f65ef84a1a3&refurl=https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENxzM27KWDN-GN0f6rY5c5I&google_cver=1&google_push=ATf1kGOlCDHx6D47PUB20BBHDbmhr2lMR9pfuWzjvazW_BNOxhNhiZ5wW8Ji8PPvpO_sbMOPeUTXVTdzey2fZ7_hqfWE6yvvzfRmIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOlCDHx6D47PUB20BBHDbmhr2lMR9pfuWzjvazW_BNOxhNhiZ5wW8Ji8PPvpO_sbMOPeUTXVTdzey2fZ7_hqfWE6yvvzfRmIw

Request Chain 106

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELnZTI6nELt-ur4yKacMPi8&google_cver=1&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELnZTI6nELt-ur4yKacMPi8&google_cver=1&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA&google_hm=gHK5iWCoR3uX8mfHvvJDcg==

Request Chain 107

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP-w0qcFpRFPri0xKAMfnKY&google_cver=1&google_push=ATf1kGOn00HryTWuat4iJnWvClzV7PAm7i44gmdsp5E2k5tDQN8TPGGpImI7BNFpHF064GsCyoGC6NSyOebxOjXO2B7LR01gf2tFIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOn00HryTWuat4iJnWvClzV7PAm7i44gmdsp5E2k5tDQN8TPGGpImI7BNFpHF064GsCyoGC6NSyOebxOjXO2B7LR01gf2tFIA&google_hm=eS1PNGlXdVp0RTJwRjJZd2tQRFRvSlBoOTd6d204bHdkc35B

Request Chain 108

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIx0SChkVzRjZYRUAMzjKos&google_cver=1&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4DkMhV9CSzioYZa81jaCtG67xeQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIx0SChkVzRjZYRUAMzjKos&google_cver=1&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4DkMhV9CSzioYZa81jaCtG67xeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4MzY4NTMyMTI3NTA4NTMyMA&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4DkMhV9CSzioYZa81jaCtG67xeQ

Request Chain 109

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKfNpaPO5lEHKde2Rqy3_OY&google_cver=1&google_push=ATf1kGMoGO-4cfH4VuYmfk6csXCB_78Axq27wKXGXhLpGeAyhRpJiFaIdxBbqxShedusTWAyOsFhm9GSjLF8MwJHv7hedKHEMW53HA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhVNEFWVzAtSi1GVEYw&google_push=ATf1kGMoGO-4cfH4VuYmfk6csXCB_78Axq27wKXGXhLpGeAyhRpJiFaIdxBbqxShedusTWAyOsFhm9GSjLF8MwJHv7hedKHEMW53HA

Request Chain 110

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_cver=1&google_push=ATf1kGPo6OD2Zp7NetY3MGsUzkCq1ch4sbo9asrKomy9md2FjX4mVA3JJvNqFePlzGvtItLZsneX-U_qN6yD74lCIJS0KrfLzfkrbg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_push=ATf1kGPo6OD2Zp7NetY3MGsUzkCq1ch4sbo9asrKomy9md2FjX4mVA3JJvNqFePlzGvtItLZsneX-U_qN6yD74lCIJS0KrfLzfkrbg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_hm=ZGcIZSVDIgc1s_O7imntVwAACJwAAAIB&google_nid=index&google_push=ATf1kGPo6OD2Zp7NetY3MGsUzkCq1ch4sbo9asrKomy9md2FjX4mVA3JJvNqFePlzGvtItLZsneX-U_qN6yD74lCIJS0KrfLzfkrbg

132 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 6b373538343338 Show response
tinhlinh.com/truyen/khon-ninh/chuong-168/ 49 KB
12 KB 416ms
363ms Document
text/html 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff3bdd90149c1c708fe3438b3500125256c27111477426eba2abbd6387bac75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c99ec0cbd90bb9e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 05:25:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fdPu38iXlJPspsT61zLifcsU6F9kIWq0DC68ebZ7B8xP8qbKkziHYYjLToF06%2Fokrm0n%2Fez09T%2Byx%2FHCevao6MSX6Wdht%2Fhj9QdCUINvmovM10T31HRh%2FiQs99u%2BNTadbaorHbe5VeHods%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99fb608d2a1518e7f97fb29af98274e8778ed73f18cb8dca72f1e3f750a11295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tinhlinh.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:25:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 05:25:55 GMT

GET
H2 200 main.min.css
tinhlinh.com/static/css/ 323 KB
47 KB 42ms
39ms Stylesheet
text/css 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/static/css/main.min.css?v=1.5
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3658e7676f1c3d4dd6c862015edc8636759c0b2f72796c9aa30cd3db3263a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 09:50:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 551505
etag: W/"6309e8d8-50aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEbjgVAcVnALjqSWtRACXdva5KZxvPKdUFi3Z7R%2FyISu3GDy7NjBGDp1e9OsaRyZt5j%2Bw%2F2j77VVtKsrtLiygcgrqFTfr%2BOBHl1taDZYVT00%2B00X3FYQ9QUvInznLd315ofVmrhHwT%2Bmtkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7c99ec0f1fdbbb9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 11 May 2024 20:14:10 GMT

GET
H2 200 fontawesome-webfont.ttf
tinhlinh.com/static/fonts/ 162 KB
162 KB 39ms
37ms Font
application/octet-stream 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/static/fonts/fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 165548
last-modified: Thu, 30 Dec 2021 17:33:58 GMT
server: cloudflare
etag: "61cded86-286ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkAE%2F5D4MxyCWqBwN3qKBKMvih6spP9IZWZuEzYyJMKv9DL%2B6Xgi45auwdE%2FMWmvDk9DcVbVp4sL6EII2qff6mwXZoP7ZGGVrBrzMqArHzhyDH2Pz2khR7sadU2XSt%2FFkentLax7GoiY5QI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c99ec0f1fdebb9e-FRA
expires: Mon, 13 May 2024 13:37:56 GMT

GET
H2 200 fontawesome-webfont.woff
tinhlinh.com/static/fonts/ 96 KB
96 KB 38ms
36ms Font
font/woff 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/static/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1499670
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98024
last-modified: Thu, 30 Dec 2021 17:33:58 GMT
server: cloudflare
etag: "61cded86-17ee8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W1Z5KzuzDcYGkZ3CMWUaPJv0MGqZMQkAXVv9IL1xJUvoOpPgAL8EMJASACWWROn7gSD5HkSlFal6LczpBHHmqVGEWRjs2hIds3xovXWru1aO0%2FSxmx1wv%2FqiJpkPtMyYFbkw439AMMq%2BmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c99ec0f1fdfbb9e-FRA
expires: Tue, 30 Apr 2024 20:51:25 GMT

GET
H2 200 fontawesome-webfont.woff2
tinhlinh.com/static/fonts/ 75 KB
76 KB 23ms
21ms Font
font/woff2 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/static/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1499670
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Thu, 30 Dec 2021 17:33:58 GMT
server: cloudflare
etag: "61cded86-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUsKuhaHgWU9l1O1W%2Bd%2F37jAIpBoUZcjKpbVQqTcvjOBNKBAU%2BhZQjYG%2FglQOMblA1avjRvjL92jgaQyJFQG83hiIzHq1mok8q0%2FmV0tHhn7RYaqUXJIMfPMaLmHpILw9R8ILI9Pw9u2Wfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c99ec0f1fe0bb9e-FRA
expires: Tue, 30 Apr 2024 20:51:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 139ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152638533-1

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74afa359b8556b0a3ad19d1432663549c3b6d7ed8a79aa3cdccc892820f0df68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 05:25:55 GMT

GET
H3 200 logo.png
tinhlinh.com/static/images/ 3 KB
4 KB 15ms
14ms Image
image/png 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinhlinh.com/static/images/logo.png
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63aa0ad4540bd47d0549899212b27ea59ae3d90787caf1d8a13474b63ba718ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121864
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3351
last-modified: Thu, 30 Dec 2021 17:33:58 GMT
server: cloudflare
etag: "61cded86-d17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLAdUZkjI6rzJps7zsHftrEedOqblMGh1nU5SbxxX6ZtdbtjGjsF6f9HZqEbDymmjDoHBA%2F5CDx987VzrkAX5f8NXrRf0BQYrX389zAOjwr354bQ2Pp70lHTIYQ7QvpWgt0ju2gV6ynZweE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c99ec0f9afb920b-FRA
priority: u=3,i
expires: Thu, 16 May 2024 19:34:51 GMT

GET
H2 200 tinhlinh.com.1391118.js Show response
jsc.adskeeper.com/t/i/ 3 KB
1 KB 252ms
216ms Script
text/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391118.js
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7a12d8e7d177f90be724413a1e459b635e25879b1267acb3717fd2b0db5b8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-amz-version-id: VTa4cIzrrGaKeuvMcjE4yp7GTAcX3Q.g
cf-cache-status: REVALIDATED
x-amz-request-id: AWS0M5A7H42MVMKK
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1020
x-amz-id-2: Haw1Hfgu+fRyqWleqPwdKSh6vQPLVjJ1VPusopZf1TQwbAGYHNrua1Fuc0Te5Ska10vp86ehz7o=
last-modified: Thu, 11 May 2023 11:56:26 GMT
server: cloudflare
etag: "4837f8fc2d4a0e8081421a154342827d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c99ec0fdbd09137-FRA
expires: Fri, 19 May 2023 09:25:56 GMT

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 67ms
22ms Script
application/javascript 2606:4700:3037::ac43:bec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14614432
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
etag: W/"5fb1d3ed-1c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xRW7zHvtAKUXdQtwaF2vznyovvAAHJ1G1GwCM2gpyB58Kp0oAYiys8SxS87NFZqKTxORyTkBADIrBv87dj3H2AcctYDGgUcc1LvVTk24bViCkbp%2BpCvvVRaE%2FlQBdbAcLuAODlnA5MIBQh4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7c99ec0fedcd697f-FRA
expires: Sun, 26 Nov 2023 01:52:03 GMT

GET
H2 200 tinhlinh.com.1391649.js Show response
jsc.adskeeper.com/t/i/ 3 KB
1 KB 266ms
230ms Script
text/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.js
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2fda30b4e941c0aa0a0f50e67e7d717ec4672582ca4dd3dd2b645a6ef3c4d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-amz-version-id: Bf7qw0sv_2xFZSAl3XI9l1Bljx_HmsFd
cf-cache-status: REVALIDATED
x-amz-request-id: E7XTBT7K1FSHB1R6
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1020
x-amz-id-2: r/u3FBsU8g49A+htLonubQm/tCvO+F4tDgjdyMWlSalPoQATcxdXXChd54scKvWeoLLRhuPz1P0=
last-modified: Thu, 11 May 2023 11:58:17 GMT
server: cloudflare
etag: "f48a039938960e15f7f120e1285bb34c"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c99ec0fdbd19137-FRA
expires: Fri, 19 May 2023 09:25:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 173ms
87ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dd5ecadccee176ede6978c7d9022c2517789e88051b9aeb13c06bdc1bc6bd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47590
x-xss-protection: 0
server: cafe
etag: 9325911374406084117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 05:25:55 GMT

GET
H2 200 dmca_protected_sml_120n.png
images.dmca.com/Badges/ 2 KB
2 KB 57ms
16ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=779fa025-f444-420e-b222-1f65ef84a1a3
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: Microsoft-IIS/10.0
etag: "a7af7333e0ebca1:0"
x-powered-by: ASP.NET
x-hw: 1684473955.cds291.am5.hn,1684473955.cds265.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/dmca_protected_sml_120n.png>; rel="canonical"
content-length: 2060

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
585 B 58ms
18ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1684473955.cds291.am5.hn,1684473955.cds117.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H3 200 main.min.js Show response
tinhlinh.com/static/js/ 466 KB
131 KB 26ms
26ms Script
application/javascript 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/static/js/main.min.js?v=1.5
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e13d8fea7d93316cab725dee5e005995595797b3c48cf0e88d01c70a295c47cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Dec 2021 17:33:58 GMT
server: cloudflare
etag: W/"61cded86-748bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROjdKhpT5TmuyRSF3Skzp%2Fhiobrm89SI0JhIX6%2F8chGQiJHdYKbEHb9BvxoSEP7aBAHhwVYREd5%2BtWyfGMFv4wOFuNkA%2Ff%2BAaUP4CUzTlGSyajnRd04YwTxykPAggKu1ZgloYVod1yytzIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7c99ec0f8af2920b-FRA
priority: u=2,i=?0
expires: Thu, 16 May 2024 17:29:02 GMT

GET
H3 200 new.js Show response
tinhlinh.com/static/js/ 3 KB
2 KB 37ms
36ms Script
application/javascript 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinhlinh.com/static/js/new.js?v=1.9
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf04f997802e3be6c3ce23cab7a5f70ee00403b418c435fe1333615752d51df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129413
cf-polished: origSize=2719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 01 Apr 2023 13:07:20 GMT
server: cloudflare
etag: W/"64282c88-a9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7uSf2H1nEtZvlg5tvlDYhUZVvhkFt6F8sKqGZwc8HMJp8YFmj0lkb4lwRo3LRws36QuvGMio5uzIrxCXKychJLbAiDpMCXT2HjnJ37%2B5zOQz0vyZRZNYIH4jxo6OUWzOUa9NyVOk7ie%2FRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7c99ec0f9afd920b-FRA
priority: u=3,i=?0
expires: Thu, 16 May 2024 17:29:02 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 89ms
63ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://tinhlinh.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c99ec0fccdc9183-FRA

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
25 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:25:51 GMT
x-content-type-options: nosniff
age: 514804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:25:51 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eSRf6TF0.woff2
fonts.gstatic.com/s/firasans/v17/ 9 KB
9 KB 239ms
153ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eSRf6TF0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c6b71c2c83664639c52d975c111afda22df32d4b81b98829a9a9237bd8581d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:33:20 GMT
x-content-type-options: nosniff
age: 456755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8820
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:33:20 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 160ms
77ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:57:51 GMT
x-content-type-options: nosniff
age: 520084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 04:57:51 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5VvmYjLeTY.woff2
fonts.gstatic.com/s/firasans/v17/ 42 KB
42 KB 219ms
136ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5VvmYjLeTY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ebb17b677b918c4153233c0e8a5f52882642fba0625aacc80477c2891e21914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 11:53:30 GMT
x-content-type-options: nosniff
age: 495145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42736
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 11:53:30 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5VvmIjLeTY.woff2
fonts.gstatic.com/s/firasans/v17/ 8 KB
8 KB 235ms
152ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5VvmIjLeTY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ab47d9e7e3932f7cf71b3807798b82c5a902b5c2bf934d95969b0796d746bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:33:17 GMT
x-content-type-options: nosniff
age: 503558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8424
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 09:33:17 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 175ms
102ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:39:06 GMT
x-content-type-options: nosniff
age: 535609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 00:39:06 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveSRf6TF0.woff2
fonts.gstatic.com/s/firasans/v17/ 8 KB
8 KB 167ms
94ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveSRf6TF0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

610d1ecc8f70593f708b86befebeeae894c97d8d92464c8b01c137fd9ed6badc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:06:16 GMT
x-content-type-options: nosniff
age: 494379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8444
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 12:06:16 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveSBf6TF0.woff2
fonts.gstatic.com/s/firasans/v17/ 43 KB
43 KB 190ms
119ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveSBf6TF0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a1a6764b52537878a97e349438b16125f213c10707d6e7823ff1c05a77c5ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:30:08 GMT
x-content-type-options: nosniff
age: 485747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43572
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 14:30:08 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame C2FC 4 KB
2 KB 48ms
31ms Script
application/javascript 2606:4700:3037::ac43:bec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=42852&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&cb=1816446520&timeZone=0&adWidth=300&adHeight=250&loc=https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bd5ae790ad6ad2ee071f10a3e5490c8e708d80a643adf1389ccc2a8298ff4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-adtrue-instance: adt-backend-1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYCo%2FKKDzhdJVWUfRXknydHbFv7hWNv7vzjD2zPLYMQt8fcs2MNaZ3fCMCehOiTlqoHmC5Dpl1vkp74YXbG3adHzkhX6IngtBQLQ4L0J%2BS3NlSPcZo1v%2FUjv3V6MpTebAvl5oLQQyKFxaYc2rSZmBHgj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7c99ec109e5c697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame C2FC 309 KB
98 KB 28ms
27ms Script
application/javascript 2606:4700:3037::ac43:bec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=42852&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&cb=1816446520&timeZone=0&adWidth=300&adHeight=250&loc=https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 825d5cd71dbdd99c5c8181e2e88e24573f837019cc0b15a6a15fa98bdffc506e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19009706
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Oct 2022 04:44:29 GMT
server: cloudflare
etag: W/"6344f4ad-4d256"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mXwaP%2F11rGuBWHSR7RoX0NERY2hm9Hsl7OQ4%2FBAUfEszaHgh%2BviWYJiX4S561yKuEV8UbROwuObCLKvptGdyi7OXIeP2F3vEtv0Ab3gJiwvA1FIHR8hv2LrCqGygVS1XwziQSZmjQobKFvS%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7c99ec10ce96697f-FRA
expires: Fri, 06 Oct 2023 04:57:29 GMT

GET
H2 200 request Show response
track.adtrue.com/track/ Frame FCE5 377 B
546 B 83ms
66ms Document
text/html 2606:4700:3037::ac43:bec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=42852&domain=tinhlinh.com&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&loc=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=42852&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&cb=1816446520&timeZone=0&adWidth=300&adHeight=250&loc=https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e125313753d65db851e4b47334123f4f71ac3ee6e28f3c87ee5264a874da78

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c99ec10eeb4697f-FRA
content-encoding: br
content-type: text/html
date: Fri, 19 May 2023 05:25:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNlwUGgrwSQgenf6BH%2B3WYPtqE2xR0o%2B0u%2FkN7aut7nPEPdooefv7ic1GUXhhKBc9SnEWaET7sLfd90CeWAGDRXdvvbrzGmwgnpBjCqrMjfY%2FnxMWHPL2CY%2BocgcWDyAZknamTiNdQqIM9qeRG92"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-host-name: adt-backend-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-29B61D3TRR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152638533-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f222d7e0ed193ff2a8a1839449adeed78bca16166aa6b7cd24d26bc25302d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 05:25:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152638533-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 05:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 07:05:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-344088873&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152638533-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24e887fa84524183aa607176ff002389a7cc73c773f4e4c7e8c99dc166d18875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67847
x-xss-protection: 0
last-modified: Fri, 19 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 05:25:56 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9769985121555172&plah=tinhlinh.com&bust=31074718

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe97a15cd09e73dcf5bbb0325f99a0a6bf5c204536afc8bf208db765a7d0466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122658
x-xss-protection: 0
server: cafe
etag: 2662709766095273146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 05:25:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 6091 10 KB
5 KB 128ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 20:14:39 GMT
etag: 15057649708203361565
expires: Thu, 01 Jun 2023 20:14:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame D7E5 753 B
959 B 21ms
21ms Script
application/javascript 2606:4700:3037::ac43:bec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20050928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
etag: W/"5f98e4fc-2f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm6NLL973e4qgV1jDCFwih0kOZMpHVeJGl5CnPOn%2BoYtZj4aq%2B9mftH%2BLYCfieIf%2B32xY1bcLy0zMAbk4B3KI0ol0o30k280XeKgxwHvSxr6e6JwN3RjqbwZSt2Jd6TZYsayervtLoLybHK2XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7c99ec11880a912a-FRA
expires: Sun, 24 Sep 2023 03:43:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame FCE5 127 KB
49 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST

Requested by

Host: track.adtrue.com
URL: https://track.adtrue.com/track/request?pzoneid=42852&domain=tinhlinh.com&ref=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&loc=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a66354a3cd909649eba72e448e9b11866047168fd214f50f2f030168905a9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://track.adtrue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49888
x-xss-protection: 0
last-modified: Fri, 19 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 05:25:56 GMT

GET
H2 200 tinhlinh.com.1391118.es6.js Show response
jsc.adskeeper.com/t/i/ 290 KB
92 KB 223ms
221ms Script
text/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391118.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391118.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6719f77c861e73f57100b8ddb0956c78c1b70075f101332cc2d94d05de84ad85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-amz-version-id: Tw1qeJOQbJ.jp8ZELFxRHBDRiX81tS14
cf-cache-status: REVALIDATED
x-amz-request-id: CKF45SYZY2EXQRMW
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94397
x-amz-id-2: NSYESlpEwjAddibNw2a15Bs7eNG00bnjy5orTwg1hNtax02b7FbmJLNMZejdIitvB7gi6xL+Xbg=
last-modified: Thu, 11 May 2023 11:56:26 GMT
server: cloudflare
etag: "c51ed33be84553dfec5de97642b40f01"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c99ec11ee1b9137-FRA
expires: Fri, 19 May 2023 09:25:56 GMT

GET
H2 200 tinhlinh.com.1391649.es6.js Show response
jsc.adskeeper.com/t/i/ 292 KB
91 KB 240ms
239ms Script
text/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd56c1d1075f71d84cd684a8293aa4d482307415d77b74005d4c8101f3f47b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-amz-version-id: _aF.e8xy9v0w7sfFh_G0u5ZjLsEj0LUO
cf-cache-status: REVALIDATED
x-amz-request-id: CKFDB5B3ACYAW5VM
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93115
x-amz-id-2: HMQC2Tyk46YSkRGbgomqDtJ5BFuScXWgRLvO1SOdBMl8G0caBmqL9AUv6oh/fS6q7MlpNRokByA=
last-modified: Thu, 11 May 2023 11:58:17 GMT
server: cloudflare
etag: "583a07a7930e0c977a11028cb02bb049"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c99ec11ee1c9137-FRA
expires: Fri, 19 May 2023 09:25:56 GMT

GET
H3 200 passback Show response
exchange.adtrue.com/tag/ Frame D7E5 226 B
675 B 38ms
37ms Script
application/javascript 2606:4700:3037::ac43:bec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=42852&divid=1042075574&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28e784b1bf9f2843e77a7d4bf54c7990573df6086e36c82158782a6ee2def41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9REUAdsz1G2pMOyofcatrvtjQJJ3cmjk4ZLU5uKyG5uDtWh%2FU6TZPItWo41OSZikQ%2FRwP3sx72EJbkW9KABQfk3Jy0UHy0TdWbAi2WmUtuCaL716Vgp18H9b2sACOfM42VkoZhtrMn6or3PStlOzbi1P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7c99ec1248c3912a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/344088873/ 3 KB
2 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/344088873/?random=1684473956217&cv=11&fst=1684473956217&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&hn=www.googleadservices.com&frm=0&tiba=Kh%C3%B4n%20Ninh%20-%20Ch%C6%B0%C6%A1ng%20168%3A%20C%C3%B4ng%20ch%C3%BAa%20c%E1%BA%A3i%20bi%E1%BA%BFn&auid=927331246.1684473956&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-344088873&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4290c1643634cc97238d6e8725eb23c6c7cb9db324a3e4b91eec0538c29d12f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-29B61D3TRR&gtm=45je35h0&_p=1660820557&cid=1062980496.1684473956&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684473956&sct=1&seg=0&dl=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&dt=Kh%C3%B4n%20Ninh%20-%20Ch%C6%B0%C6%A1ng%20168%3A%20C%C3%B4ng%20ch%C3%BAa%20c%E1%BA%A3i%20bi%E1%BA%BFn&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-29B61D3TRR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhlinh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 43ms
42ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1660820557&t=pageview&_s=1&dl=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&ul=en-us&de=UTF-8&dt=Kh%C3%B4n%20Ninh%20-%20Ch%C6%B0%C6%A1ng%20168%3A%20C%C3%B4ng%20ch%C3%BAa%20c%E1%BA%A3i%20bi%E1%BA%BFn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1622918750&gjid=285711033&cid=1062980496.1684473956&tid=UA-152638533-1&_gid=594063070.1684473956&_r=1&gtm=457e35h0&jsscut=1&z=1086859694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tinhlinh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhlinh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 138ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tinhlinh.com&callback=_gfp_s_&client=ca-pub-9769985121555172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9769985121555172&plah=tinhlinh.com&bust=31074718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0fccf9a7109e2472b8e55abc1757cf33d10c3a49672245ac1103a2f341079cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 134ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tinhlinh.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 136ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tinhlinh.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 911E 152 KB
48 KB 671ms
671ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cdf2f8efa3230582dd2a8195c050c3ebdb45500477263c605ffd4cfc00b9ef8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CITstr7SgP8CFfKh0QQdNYYJ7Q&gqi=ZAhnZMHcE93gnsEPodqc4AU&layout=/sadbundle/%24csp%253Der3%24/993174632274146617/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 49511
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CITstr7SgP8CFfKh0QQdNYYJ7Q&gqi=ZAhnZMHcE93gnsEPodqc4AU&layout=/sadbundle/%24csp%253Der3%24/993174632274146617/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:25:56 GMT
expires: Fri, 19 May 2023 05:25:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5552 118 KB
40 KB 615ms
615ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=200&slotname=7244969317&adk=3892851548&adf=816512716&pi=t.ma~as.7244969317&w=848&fwrn=4&lmt=1684473956&rafmt=11&format=848x200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956020&bpp=1&bdt=335&idt=313&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ouqcxlh3eh&p=https%3A//tinhlinh.com&dtd=316

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9d0a8aa5a826148fd13173ce8806eea832673ab5a2c487bc03860ddd6b2485e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40771
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:25:56 GMT
expires: Fri, 19 May 2023 05:25:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bi.js Show response
cdn.runative-syndicate.com/sdk/v1/ Frame D7E5 6 KB
3 KB 86ms
14ms Script
application/javascript 67.26.111.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=42852&divid=1042075574&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.26.111.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 48eaccbc19283c6ceca0001c8aeb45e2338957b217228f41a811b782d37bf43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 15:25:35 GMT
server: nginx
age: 1946131
etag: W/"623b3bef-192a"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2773

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FCE5 51 KB
20 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://track.adtrue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 05:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 07:05:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame FCE5 221 KB
78 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77465ffd0adb5aae850c69b61a99dd2b77177e5b2d18ffe3e8794aa0b5a710f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://track.adtrue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 05:25:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 59ms
18ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-152638533-1&cid=1062980496.1684473956&jid=1622918750&gjid=285711033&_gid=594063070.1684473956&_u=YADAAUAAAAAAACAAI~&z=372522959

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tinhlinh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 May 2023 05:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinhlinh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/344088873/ 42 B
455 B 137ms
51ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/344088873/?random=1684473956217&cv=11&fst=1684472400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&frm=0&tiba=Kh%C3%B4n%20Ninh%20-%20Ch%C6%B0%C6%A1ng%20168%3A%20C%C3%B4ng%20ch%C3%BAa%20c%E1%BA%A3i%20bi%E1%BA%BFn&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1318466118&rmt_tld=0&ipr=y

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/344088873/ 42 B
455 B 139ms
53ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/344088873/?random=1684473956217&cv=11&fst=1684472400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&frm=0&tiba=Kh%C3%B4n%20Ninh%20-%20Ch%C6%B0%C6%A1ng%20168%3A%20C%C3%B4ng%20ch%C3%BAa%20c%E1%BA%A3i%20bi%E1%BA%BFn&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1318466118&rmt_tld=1&ipr=y

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E2F 10 KB
5 KB 357ms
356ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&adk=1812271804&adf=3025194257&lmt=1684473956&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956044&bpp=2&bdt=359&idt=306&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600%2C848x200&nras=1&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=318

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46584e57444a113659d2328765f98ba285c9b169e63fd9e74ee8960a447493db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4645
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:25:56 GMT
expires: Fri, 19 May 2023 05:25:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 50fd24c3-57d8-42cb-aefe-2eff2390946d
https://tinhlinh.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhlinh.com/50fd24c3-57d8-42cb-aefe-2eff2390946d
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK f790d80d-585f-4697-8ce6-534cc9e72450
https://tinhlinh.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhlinh.com/f790d80d-585f-4697-8ce6-534cc9e72450
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 6c760586-8d74-482b-b5f6-a775e9380234
https://tinhlinh.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhlinh.com/6c760586-8d74-482b-b5f6-a775e9380234
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 9271b289-4f3c-4192-973b-20301714c1f9
https://tinhlinh.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhlinh.com/9271b289-4f3c-4192-973b-20301714c1f9
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 e259ae948f60469ea618297f84fe446a.html Show response
run-syndicate.com/iframes2/ Frame A58A 8 KB
4 KB 163ms
120ms Document
text/html 78.46.97.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://run-syndicate.com/iframes2/e259ae948f60469ea618297f84fe446a.html?&adb=0&clientjs=1&w=1600&h=1200
Requested by: Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.97.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.249.97.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 40f13cbf08094b6768124272e918ba6a111fee3e6686f6a5c351133ca13a5be9

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 05:25:56 GMT
expires: 0
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/8/0/82020f8a41077a408c2ec33d61a2be8dfd4c7a/main.jpg>; rel=preload; as=image
pragma: no-cache
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
server: nginx
vary: Accept-Encoding *
x-api-version: 2
x-request-id: 7976c75905d765de
x-robots-tag: none noindex, nofollow

GET
H2 200 / Show response
c.adskeeper.com/pv/ 0
43 B 42ms
24ms Script
text/plain 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=168447395655350131981&uniqId=0a36e&lct=1683763200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftinhlinh.comhttps%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&lu=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&sessionId=64670865-01d24&pageView=1&pvid=1883278c8c9aaa41a2b&site=847835&implVersion=11&dpr=1&tfre=873
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391118.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c99ec14991e9137-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 0c1774ac-f337-4f80-915b-8a574fa08840
https://tinhlinh.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhlinh.com/0c1774ac-f337-4f80-915b-8a574fa08840
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 25d1cecb-6f39-44af-935b-27f637190bbf
https://tinhlinh.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tinhlinh.com/25d1cecb-6f39-44af-935b-27f637190bbf
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 70ms
21ms Image
image/svg+xml 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6CKG29MW1YTRN75E
age: 4555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KOxTAbFhzDmxF0sJ6v7mwHgerag0lTtA8w73xPKewr2uqz9JE0WH30FlfIx8n91PQGLP3r6CctUoFIy6uT3pvw==
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7c99ec14f82d3a86-FRA
expires: Fri, 19 May 2023 09:25:56 GMT

GET
H3 200 widget-ssp-performance
c.adskeeper.com/ 43 B
203 B 25ms
24ms Image
image/gif 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/widget-ssp-performance?time=43
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c99ec14bd346921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H2 200 1 Show response
servicer.adskeeper.com/1391118/ 1 KB
935 B 54ms
37ms Script
application/x-javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1391118/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1684473956640254985121&uniqId=0a36e&lct=1683763200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=848&h=482&ident_p=true&sz=839x441&szp=1&szl=1&cols=1&ref=&cxurl=https%3A%2F%2Ftinhlinh.comhttps%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&lu=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&sessionId=64670865-01d24&pageView=1&pvid=1883278c8c9aaa41a2b&implVersion=11&dpr=1&tfre=959
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391118.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9aa6a07648ccad86c8ccca7360482eb599d071adb3c90f1c1b38df00296dd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7c99ec1529809137-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.com/1391649/ 4 KB
2 KB 50ms
36ms Script
application/x-javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1391649/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=848&h=239&sz=201x196&szp=1,2,3,4&szl=1,2,3,4&cols=4&pv=5&cbuster=168447395664240350113&lct=1683763200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftinhlinh.comhttps%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&lu=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&sessionId=64670865-01d24&pageView=0&pvid=1883278c8c9aaa41a2b&implVersion=11&dpr=1&tfre=961
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18024c3dc8de504704c17afc7232a1b14245e3e32ea3575f8070deeaf8503ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7c99ec1529839137-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 b.b.js Show response
lcdn.tsyndicate.com/sdk/v1/ Frame A58A 8 KB
3 KB 74ms
11ms Script
application/javascript 8.248.93.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://lcdn.tsyndicate.com/sdk/v1/b.b.js
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.93.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: b27785e2a9c00f116d653c7dfc36f32c86b0f7bbce5eec0d9ee615cd0b5c73c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://run-syndicate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 12:20:19 GMT
server: nginx
age: 29349084
etag: W/"62975983-1ebd"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2813

GET
H2 200 main.jpg
lcdn.tsyndicate.com/images/8/0/82020f8a41077a408c2ec33d61a2be8dfd4c7a/ Frame A58A 10 KB
10 KB 75ms
11ms Image
image/jpeg 8.248.93.249
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lcdn.tsyndicate.com/images/8/0/82020f8a41077a408c2ec33d61a2be8dfd4c7a/main.jpg
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.93.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 16d96cce1d3c59eb5e029ee729faa61c17e82026b3679f35ca3ea13508b2bbd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://run-syndicate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 17:35:25 GMT
server: nginx
age: 21930150
etag: W/"631784dd-276d"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 9993

GET
H3 200 widget-ssp-performance
c.adskeeper.com/ 43 B
167 B 27ms
26ms Image
image/gif 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/widget-ssp-performance?time=55
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c99ec156deb6921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1LzU5Mzg5Ni83MzRlZ...
s-img.adskeeper.com/g/16161046/492x328/-/ 10 KB
10 KB 60ms
15ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/16161046/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1LzU5Mzg5Ni83MzRlZDUzODE0OTQzYTRkZDM0MzM5ZjM3MjUwMWM0MS5qcGVn.webp?v=1684473956-LYV3uaukO6ZLQCBRpVwhZeflRk17k0P5s8soOySth_o
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4dbefe0dbb9399abab5b412012d88ea843450c72d40ab5f4d58dc29cbe2144

Request headers

Referer: https://tinhlinh.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 12:14:19 GMT
x-mg-request-uuid: b40b7254-61ca-465a-8fab-910b4863abf8
server: cloudflare
age: 180119
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7c99ec15c99139d9-FRA
content-length: 9748
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzU5Mzg5Ni9kOTRmZ...
s-img.adskeeper.com/g/15737000/492x328/-/ 25 KB
25 KB 68ms
23ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/15737000/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzU5Mzg5Ni9kOTRmZTRkMjZkNDA2N2RkNDdmZmM0NmNkNTZhMmMyMC5qcGVn.webp?v=1684473956-Pg1INc7dMgkkyuz8hI6L5YC3DRh1T2sr0yRWPms5L5U
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afb95317a1257d2ccd3124932cde42a9ca7ae9335d8ca36586db7a4fac2ad2d

Request headers

Referer: https://tinhlinh.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: HIT
last-modified: Sun, 26 Mar 2023 13:24:53 GMT
x-mg-request-uuid: fee85f32-7400-4055-a779-bb1cf2878f8e
server: cloudflare
age: 1511396
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7c99ec15c99439d9-FRA
content-length: 25088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81NTQ4Y...
s-img.adskeeper.com/g/15323169/492x328/-/ 23 KB
23 KB 63ms
20ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/15323169/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81NTQ4YWU1MDYwN2Y0ZTlmMDUzYWY5OWFjN2NiMzFlNS5qcGc.webp?v=1684473956-7Kr07g8M2Dx79A1mSEcAd8jP21M57kQknkNae5b-J-I
Requested by: Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def60bb29a8279216612117b4f13094c5f2d44f7bc9a8390824209a64dcb3d8e

Request headers

Referer: https://tinhlinh.com/
Origin: https://tinhlinh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2023 08:46:42 GMT
x-mg-request-uuid: e42a21ed-aa1f-4655-8012-386cfd02bc7d
server: cloudflare
age: 8627566
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7c99ec15c99539d9-FRA
content-length: 23596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 206 35bee398f25da476b8406c3499a5b8c6.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-05/369403/ 289 KB
289 KB 58ms
17ms Media
video/mp4 2606:4700::6812:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-05/369403/35bee398f25da476b8406c3499a5b8c6.mp4?v=1684473956-03pMPCPPtFimLr_BKqNW1CtQyryOo2o__MYS3ehwDqQ

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f735ac8cab44c2a41e690db5789dfdcee90528ce487d8e2b7a00391c22688b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tinhlinh.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 842979
Content-Range: bytes 0-295553/295554
server-timing: cld-fastly;mitm=cpo;dur=79;cpu=0;start=2023-05-09T11:15:40.334Z;desc=miss,rtt;dur=0,cloudinary;dur=68;start=2023-05-09T11:15:40.343Z
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 295554
last-modified: Tue, 09 May 2023 10:17:25 GMT
server: cloudflare
etag: "5e16220e79f9d9c85f8b2b83250c267a"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 7c99ec15cdbd1e66-FRA

GET
H2 200 p.js Show response
pxl.tsyndicate.com/api/v1/p/ Frame A58A 24 B
123 B 71ms
34ms Script
text/plain 136.243.83.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUmVFDjBkzYm60INPRRgsaMWyIaSGmhgwYLWbAiDFmjI0yNm6YuZFDxMMwdcZkFGMjp0ydLRrOKHPSRowcLXKUwQEzYo0cY2SaITOGBgyfEMnYWVgDxwwbMx7CqSNm4QwZDStChANnoYyyMXA8nANnoo4ZOWxcTflwTJu6OmrEiMFRrkEzFB-KcePGrQwZOczaeNjGDUaGb1-q7fz5Mo4aMB7WkcPGLQ0cZmOkFlFHRkY0dOjAmaPjxYs5aTyzKeiGDJo3ctzkceGmDJ0XDXHQmPHix5gwh8OkOeMmCZkebt5QrnOQSx0YMGTYaFOmjRiE3nvccVIlT801d96spDKlSQ4oRNhBhhlLeOeEFm4EEYcdcQSxRhNVIKGGHUngkIUNOehRA195yPEFFXIQMYUcd5DxxRczhIGFHV8YMUYORxQxwxd2LDGDFEJQEYcecCShxRowrCGDHjnIQcMXUzwhgxZmJAdFG0QcAQMecdgwxxtwxFCEGSeeUUUSREhRRRrmoafelauNUUZ8ijGmWJnp2ZBlD4AJlkNKYJHxRhsZ0REcGmz86cIYe4J1nV9boNSFWnII9RdTMGwmgkcLweDCTIXB0cYXcDRa6aVxyiWHHYgx9lAZY2j6KXpp0VZHGhnFQIYMN9iQVQwjwQDSSe_hmkNHNYwUBgw1mPGWGQWdBVYaiImQVw0uwDWDCw1BmxINYHnIbKynRcsYtTVYawO2qoWRURNv6JEGG2yE8QK0MICAwhXB6XnHHCA4QQUIsl26Awj0ujHuv3iMmwIIQdA13BVliLFEGs_VMMMNLpwl7xJIUNEEEyyAEOgaZYBwBKprvHHwEGjIsWcZ0H1raQ05yUCteiBMEYYZYciRxrsTV2yDoY6KQEQRYCH3RU0ZDQ0WG0Er_dBBLMpRRmsM1XCDYmV5NZsc3C2Uww00PF0Gi2LIsZBeIkD9RRtvkGEXDjGEnbbKkYnwhkI6yN3pG3jkQdbTeVSmAx1y1FHGQ1JDpsNAue3W2wt-ugGooIS28QJYd8RqA3pgoRHrS1_tNWpGKtMRBh3ItVCHGxCfFIMLXMVg29NBH_RF7LOLQAefDNkgHQ03AAazRW3Y1vvvwf9alFM_mSg1X1-cTpHvNAAvvKRjRz-cHHTgvcUMNCwKkRh-pV0GznWwMZFaTFda2Gcw9KFAQA%3D%3D&s=b12bad241999bdab9711d84601b871fad580e282113695782bd9fd596c22fbc01684473956&w=t&r=1&d=8&priv=false
Requested by: Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/e259ae948f60469ea618297f84fe446a.html?&adb=0&clientjs=1&w=1600&h=1200
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.83.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.83.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://run-syndicate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-length: 24
content-type: text/plain; charset=utf-8

GET
H2 200 i.js Show response
cm.adskeeper.com/ 0
37 B 145ms
135ms Script
application/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1684473956844791949257
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7c99ec165a4d9137-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 4B90 0
101 B 130ms
130ms Script
application/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1684473956849444526665
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7c99ec166a529137-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 51ms
10ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tinhlinh.com.1391649.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:56 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144791
accept-ranges: bytes
content-length: 63913
expires: Sat, 20 May 2023 21:39:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5552 2 KB
566 B 118ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=200&slotname=7244969317&adk=3892851548&adf=816512716&pi=t.ma~as.7244969317&w=848&fwrn=4&lmt=1684473956&rafmt=11&format=848x200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956020&bpp=1&bdt=335&idt=313&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ouqcxlh3eh&p=https%3A//tinhlinh.com&dtd=316

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 05:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:18:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 05:25:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 5552 2 KB
819 B 159ms
80ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 5552 22 KB
9 KB 150ms
71ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 5552 3 KB
1 KB 136ms
78ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 5552 19 KB
8 KB 124ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5552 0
0 46ms
45ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuIuL6z1krBvNsXqw76L8PNhmzY8fwWGwiDwrRy2ElzplmLJ_NJTvYqkdBeCIYvoZhUPz5RPYe5PXoKc5XU2QRxh9Wvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=200&slotname=7244969317&adk=3892851548&adf=816512716&pi=t.ma~as.7244969317&w=848&fwrn=4&lmt=1684473956&rafmt=11&format=848x200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956020&bpp=1&bdt=335&idt=313&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ouqcxlh3eh&p=https%3A//tinhlinh.com&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5552 170 KB
53 KB 1087ms
1086ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 05:25:58 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 5552 32 KB
14 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:24:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5552 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV5vAZAhnZLWGGaj7xtYPkbCe6Avxk5XNcKzq1MGBEbyqs4PSOBABIJ3QxHpgleKQgqAHoAGmuNnXAsgBCakCZO9X33MSsj6oAwHIA8sEqgTkAU_QVCCt7fYmFDDxbRLnG65UwLjkX_eThzcs_ibHu-BDxAzKO3zPP6h2VjFJbpuBKzjBu67qmZieOdDDxPqR5UZvQO-VFTDADL7jjSA1XOYg53nvGwzXV56boSHttx45jL1cK0pljCllJdPmwyTM7LDDKNYujqa9d2qjnZ7mHOFEUlnWev_Ff84jEuDoe-KV4Qjzt6fjykT1iRKlMyqUbtECY19FE0QOW5VL7ahF8X3A02T33zpv0PdA-G-GsSNRznLD9boJYJ7ibxNHXfEZZmvDIuwAGLpN42tRJtZetjlUw3B8S8AE9YPNwpIEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8LHpqgBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPLiBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc2OTk4NTEyMTU1NTE3MhgA&sigh=XdyX0TQy5JM&uach_m=[UACH]&cid=CAQSKQBygQiDg5xXi-wu9juI9g3BbNsMgpLMIGbEEtoCWMGUZX9A9n42kQPeGAE&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=200&slotname=7244969317&adk=3892851548&adf=816512716&pi=t.ma~as.7244969317&w=848&fwrn=4&lmt=1684473956&rafmt=11&format=848x200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956020&bpp=1&bdt=335&idt=313&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ouqcxlh3eh&p=https%3A//tinhlinh.com&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 May 2023 05:25:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5552 17 KB
17 KB 150ms
39ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRP2gq4DLwtMhCocQR70xSShWj7aBCDLNlte-GU9_NJOaAZAe9kArS0KN99aA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

420fefad3bf6dfe443c90d6402f13a8f138cdfef67e0973e9553c576011bdb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:45:13 GMT
x-content-type-options: nosniff
age: 452444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16991
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 15:33:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 23:45:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5552 15 KB
16 KB 121ms
38ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTzNTFTcktg_14y2FJycanx_XUrskWy-7Tyd6aZyCLwtAWcukl2AwQG-8Lpe94&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4fb26d94caab7172fc868e52588e624c64bd6cbe7880faa0be8e2332681fb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:46:44 GMT
x-content-type-options: nosniff
age: 470353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15574
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 06:07:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 18:46:44 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/ Frame F7FB 82 KB
24 KB 104ms
81ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09f785fefc92bbbc833a3484a71ad55a38e571498500bd3f98d6484bda9f48af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 534027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23305
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 01:05:30 GMT
expires: Sun, 12 May 2024 01:05:30 GMT
last-modified: Wed, 29 Mar 2023 06:42:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0AE7 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnOtPZAhnZISqF_LDxtYPtYym6A7Ki5GrcN-Z-rqNEcCNtwEQASCd0MR6YJXikIKgB6ABxvrSuQPIAQmpAsba8cf4DbI-qAMByANIqgTmAU_QiBO8p09BQg012PA2-wYuCkrbnDm55u30sFCveKBX8gTYgWkS8pynSiJrST8GV3phZGQMMUGer1Tc_bQa5wrDA2iOdsA1-AXy3DerzRNj-r5eDoPrV4KJNpmapcH6x9j-EeU1a9JomM1lsQiqLnYWldl6i2nwjx_He9NxiFN8XGqDIFvxsLoPj3e1VQ_lP2Q7JUqBgXHkQYQ6RZXXcZoadVARGD9KcsODnSXEyfbToy5GD9FDioPbMAJcLRp5xeW4PU_gNa-cGpAheWAxGs-x-pWlupc8y9nVpfadVxFBdAgAYR3YwAS3mam5owSSBQQIBBgBkgUECAUYBKAGLoAHusffIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEODqKdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTc2OTk4NTEyMTU1NTE3MhgA&sigh=Vt4bpRMq1sE&uach_m=[UACH]&cid=CAQSKQBygQiDW1LKUEHYstv7VIbRwrdDXvQZ0Bmps-eugwp-IJ48vV_qwVKoGAE&template_id=419

Requested by

Host: tinhlinh.com
URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 May 2023 05:25:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 0AE7 22 KB
9 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 0AE7 3 KB
1 KB 96ms
76ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 0AE7 19 KB
8 KB 54ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0AE7 0
0 46ms
45ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSk-fmhD8ofHnI-BXYMJT5Q8m08mq3bor71MgawMtat0_C1u4ZnvTvQaVBDHEYRCFuJU7WLeR8zbA1aT2WkeZNzTLWS7g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AE7 170 KB
53 KB 1024ms
1023ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 05:25:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 13B0 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0AE7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e2e550c0558fbe7bb0092334c115e5dcfc2688230c43ce57ff6ad848e06887a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0AE7 0
20 B 153ms
75ms Other
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CITstr7SgP8CFfKh0QQdNYYJ7Q&gqi=ZAhnZMHcE93gnsEPodqc4AU&layout=/sadbundle/%24csp%253Der3%24/993174632274146617/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 245A 1 KB
643 B 40ms
37ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Fri, 19 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F7FB 4 KB
635 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:regular,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f780c1c8bc912492a36c1e107a094768ed1fd2c256be4849386893733bcbc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 05:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:12:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 05:25:57 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F7FB 16 KB
6 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 May 2023 19:40:18 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F7FB 34 KB
13 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13092
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 20 May 2023 01:47:45 GMT

GET
H2 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F7FB 54 KB
22 KB 162ms
47ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 05:25:57 GMT

GET
DATA 200
OK truncated
/ Frame 5552 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e72d552bdf4f550c155dd4a138b3f45bc697e869fecd822fdfc1c95ad814f64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 13B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
50ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:25:57 GMT
expires: Fri, 19 May 2023 05:25:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:25:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 245A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENxzM27KWDN-GN0f6rY5c5I&google_cver=1&google_push=ATf1kGOlCDHx6D47PUB20BBHDbmhr2lMR9pfuWzjvazW_BNOxhNhiZ5wW8Ji8PPvpO_sbMOPeUTXVTdzey2fZ7_h...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOlCDHx6D47PUB20BBHDbmhr2lMR9pfuWzjvazW_BNOxhNhiZ5wW8Ji8PPvpO_sbMOPeUTXVTdzey2fZ7_hqfWE6yvvzfRmIw

170 B
329 B

87ms
47ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOlCDHx6D47PUB20BBHDbmhr2lMR9pfuWzjvazW_BNOxhNhiZ5wW8Ji8PPvpO_sbMOPeUTXVTdzey2fZ7_hqfWE6yvvzfRmIw

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 May 2023 05:25:57 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOlCDHx6D47PUB20BBHDbmhr2lMR9pfuWzjvazW_BNOxhNhiZ5wW8Ji8PPvpO_sbMOPeUTXVTdzey2fZ7_hqfWE6yvvzfRmIw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 19 May 2023 05:25:56 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 245A 70 B
265 B 102ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKS5ytzJnjcGLnVY3m3JwEM&google_cver=1&google_push=ATf1kGM8OIp6Ktn4UEDkoAS4vkhvBdi6-3n7szDncauGdeCBApAqyEdcmcKRj66nkPgbZmoe6sAqEgJIZHCAJ1OVX7BHhR4wLjvw2A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=200&slotname=7244969317&adk=3892851548&adf=816512716&pi=t.ma~as.7244969317&w=848&fwrn=4&lmt=1684473956&rafmt=11&format=848x200&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956020&bpp=1&bdt=335&idt=313&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=263x600&correlator=5671118038179&frm=20&pv=1&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ouqcxlh3eh&p=https%3A//tinhlinh.com&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 245A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELnZTI6nELt-ur4yKacMPi8&google_cver=1&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELnZTI6nELt-ur4yKacMPi8&google_cver=1&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA&google_hm=gHK5iWCoR3uX8mfHvvJDcg==

170 B
232 B

102ms
48ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA&google_hm=gHK5iWCoR3uX8mfHvvJDcg==

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA&google_hm=gHK5iWCoR3uX8mfHvvJDcg==
date: Fri, 19 May 2023 05:25:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 245A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP-w0qcFpRFPri0xKAMfnKY&google_cver=1&google_push=ATf1kGOn00HryTWuat4iJnWvClzV7PAm7i44gmdsp5E2k5tDQN8TPGGpImI7BNFpHF064GsCyoGC6NSyOebxOjXO2B7LR01...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOn00HryTWuat4iJnWvClzV7PAm7i44gmdsp5E2k5tDQN8TPGGpImI7BNFpHF064GsCyoGC6NSyOebxOjXO2B7LR01gf2tFIA&google_hm=eS1PNGlXdVp0RTJwRjJZ...

170 B
232 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOn00HryTWuat4iJnWvClzV7PAm7i44gmdsp5E2k5tDQN8TPGGpImI7BNFpHF064GsCyoGC6NSyOebxOjXO2B7LR01gf2tFIA&google_hm=eS1PNGlXdVp0RTJwRjJZd2tQRFRvSlBoOTd6d204bHdkc35B

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 May 2023 05:25:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOn00HryTWuat4iJnWvClzV7PAm7i44gmdsp5E2k5tDQN8TPGGpImI7BNFpHF064GsCyoGC6NSyOebxOjXO2B7LR01gf2tFIA&google_hm=eS1PNGlXdVp0RTJwRjJZd2tQRFRvSlBoOTd6d204bHdkc35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 245A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIx0SChkVzRjZYRUAMzjKos&google_cver=1&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4DkMh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIx0SChkVzRjZYRUAMzjKos&google_cver=1&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4MzY4NTMyMTI3NTA4NTMyMA&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4Dk...

170 B
232 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4MzY4NTMyMTI3NTA4NTMyMA&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4DkMhV9CSzioYZa81jaCtG67xeQ

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4MzY4NTMyMTI3NTA4NTMyMA&google_push=ATf1kGNgn4nU71OxevDh2xxGbiYVQ9Hi7yZ2uzO9YRVteyj4aKzxEHXTeGHRCJAryP-6MR3hRec4DkMhV9CSzioYZa81jaCtG67xeQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 245A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKfNpaPO5lEHKde2Rqy3_OY&google_cver=1&google_push=ATf1kGMoGO-4cfH4VuYmfk6csXCB_78Axq27wKXGXhLpGeAyhRpJiFaIdxBbqxShedusTWAyOsF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhVNEFWVzAtSi1GVEYw&google_push=ATf1kGMoGO-4cfH4VuYmfk6csXCB_78Axq27wKXGXhLpGeAyhRpJiFaIdxBbqxShedusTWAyOsFhm9GSjLF8MwJHv7hedKHEMW53HA

170 B
232 B

87ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhVNEFWVzAtSi1GVEYw&google_push=ATf1kGMoGO-4cfH4VuYmfk6csXCB_78Axq27wKXGXhLpGeAyhRpJiFaIdxBbqxShedusTWAyOsFhm9GSjLF8MwJHv7hedKHEMW53HA

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhVNEFWVzAtSi1GVEYw&google_push=ATf1kGMoGO-4cfH4VuYmfk6csXCB_78Axq27wKXGXhLpGeAyhRpJiFaIdxBbqxShedusTWAyOsFhm9GSjLF8MwJHv7hedKHEMW53HA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 245A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_hm=ZGcIZSVDIgc1s_O7imntVwAACJwAAAIB&google_nid=index&google_push=ATf1kGPo6OD2Zp7NetY3MGsUzkCq1ch4sbo9a...

170 B
232 B

70ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_hm=ZGcIZSVDIgc1s_O7imntVwAACJwAAAIB&google_nid=index&google_push=ATf1kGPo6OD2Zp7NetY3MGsUzkCq1ch4sbo9asrKomy9md2FjX4mVA3JJvNqFePlzGvtItLZsneX-U_qN6yD74lCIJS0KrfLzfkrbg

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 May 2023 05:25:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENFUb_xj73TapftiLXflyoM&google_hm=ZGcIZSVDIgc1s_O7imntVwAACJwAAAIB&google_nid=index&google_push=ATf1kGPo6OD2Zp7NetY3MGsUzkCq1ch4sbo9asrKomy9md2FjX4mVA3JJvNqFePlzGvtItLZsneX-U_qN6yD74lCIJS0KrfLzfkrbg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 245A 0
130 B 150ms
45ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L62Mh-TMXPkXdV5O8E3QIfitgce1i-q3Xd6OrxhokrBLEejdhGPgpPVnbu6bYoK6B462aI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame F7FB 37 KB
37 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:38:02 GMT
x-content-type-options: nosniff
age: 503275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 09:38:02 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame F7FB 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:43:33 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/ Frame F7FB 2 KB
994 B 38ms
37ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e0aa15abeec3840134d1e2d955fa9b45d7a5098f25eeadc2028269a53e09e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 23:20:09 GMT
age: 453948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 964
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 06:42:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 23:20:09 GMT

GET
H3 200 bg_300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/ Frame F7FB 27 KB
27 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/bg_300x600.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e4e4e81fd56302995e9507b1888b7131ba9461f30f2ae32744d96bd48a26832

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 17 May 2023 22:16:26 GMT
x-content-type-options: nosniff
age: 112171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27935
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 06:42:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 22:16:26 GMT

GET
DATA 200
OK truncated
/ Frame F7FB 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 bg_300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/ Frame F7FB 27 KB
27 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/bg_300x600.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e4e4e81fd56302995e9507b1888b7131ba9461f30f2ae32744d96bd48a26832

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 17 May 2023 22:16:26 GMT
x-content-type-options: nosniff
age: 112171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27935
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 06:42:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 22:16:26 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/ Frame F7FB 2 KB
994 B 37ms
36ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/993174632274146617/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e0aa15abeec3840134d1e2d955fa9b45d7a5098f25eeadc2028269a53e09e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 23:20:09 GMT
age: 453948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 964
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 06:42:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 23:20:09 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5552 20 KB
20 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 477916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H2 200 400x300.jpg
imgyn.imageshh.com/ 16 KB
0 2705ms
1240ms Image
image/jpeg 27.124.40.253

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgyn.imageshh.com/400x300.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

27.124.40.253 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:27:36 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 16:27:36 GMT
server: nginx
etag: "1684427256"
x-cache: HIT, policy, memory
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 88282
expires: Sat, 17 Jun 2023 16:27:36 GMT

GET
H2 200 728-90.gif
pic.picnewss.com/vn-tu/ 20 KB
0 2525ms
1253ms Image
image/gif 27.124.34.13
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.picnewss.com/vn-tu/728-90.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

27.124.34.13 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 20:57:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 20:58:20 GMT
server: nginx
etag: "1684443500"
x-cache: HIT, policy, disk
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79408
expires: Sat, 17 Jun 2023 20:57:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a096172b4d95a5e8c09b0e90cd3a3a5602cc84fb874d54b92fcfd5f94b4d7eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11149
x-xss-protection: 0

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame FED1 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:43:33 GMT

POST
H3 204 rum Show response
tinhlinh.com/cdn-cgi/ 0
139 B 9ms
9ms XHR
text/plain 2606:4700:3031::ac43:d050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tinhlinh.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:d050 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 May 2023 05:25:58 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://tinhlinh.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c99ec1fddd5920b-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 05:25:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F4E 13 KB
5 KB 39ms
36ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 18:05:24 GMT
expires: Fri, 17 May 2024 18:05:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 660D 783 B
534 B 50ms
49ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bff8e7201ed2129b084faaac0512f3cec5473305c1e6ec02f755bcef9eeea49a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bKbVE61I-GnpmDd78lO9mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tinhlinh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-bKbVE61I-GnpmDd78lO9mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 05:25:58 GMT
expires: Fri, 19 May 2023 05:25:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 660D 0
0 72ms
72ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=279692053522632&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F4E 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 13:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 13:20:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F4E 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OTW8OA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:25:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=279692053522632&bg=!4uGl4bXNAAYldGN0BXQ7ADkAdvg8WksG89pdGn2frGynwu4jUIayI00ehKBpAX56bE_0alL6N1ObSxvU-ig9EaIVaEw7EDmUN0ICAAAAaFIAAAADaAEHCgDL6UtVC93D37yLkpjmkGE5mWPcZsNgBzJSOEw_zsRbnr86ZEQrSu7WklxJFjJQRzROQfWUTCCfk3lbHMHtsnN_nnX05O1ME9b2eulSwmAmSbKRiNHh_oem4lc_NuZOILtmjYyX18dR3Nkg6H6XvIrG9XI7RO9YplRFlQFNbOK7_pYt0sHPynU098opbGXPWUw6axj-Pvvjn9pVG1yXKdGCufMTIgCU4agGhg6qub0VcP1QuBdGELeAjbjL-fzw1-bCNHqAqlJhAJlQylWZAq1EYsc688CJncdb5Jqy0cqH7aEi95yX4lZ93mHxOyRZfmHvik84QMnaE1DBb4EHvtOvmCmSLvuLB4C47-hZpyLPolbvvR9SkYYyOqVw16f0zi0dAjwqk8cQW0Q3AprsZzFFQGDsHMq_h6Rsh-VNym2pf4BTRTogpoM8l-hHaRPaxrloygmFyUpdLN-GBZSPoBPnZmoKiomfbVbRSpZ9u6PYD_K35GUB_-T3lnqy1KpJTZdrbfmLhum8WeSksBiBbEKW0TtFTVIIgf_FGqEhJoN-vSAzlzrJyZUzFKf_6DevA_iz_kmLPhLWvEpv3Dy1o7S2kHqkO_-ussiMI0aGSR4h3KFwWKIMAZfzmppx5CXDJv7zm4EAD3TTkvQB7LsQN1JDmktmPoZ9NYemMFJDALu9KBQPQ81y7Kd-fLzof0I9QzewIYyumQ2bqMmaDwKVJQZO20b82yvk3g4SvUwCHsExlBjcsaODsFzWGuq6GopnA6alEan6-FVydPsMGxRniG1T9mDBnr1Ebxe8K7njE-TwQGxqqDxmUpqBforoG8tm22C8VUSt_5mqxHrpy8oKuoujRek6qLtDyb6FAEsXIVTZXkUTBfBGfzIvAqmgLeQbaTV9dbyx_iFbAOCGTPuRpzw1NBKMpbOhCIex-l6XslA744xvys4FJ0tF36Ajd0x1Hdh6jkkKvJj7xBonOuAI0U8p_f7MoVi3vVUl9ht45Y20yINq9MKjKIU6Ef7X2p3KGHTYUo3Dj6kP8imbF6lN55gnvSsNxXaApiiQrFfaboVUcMpC8Mny6HxYe8ced0ErIz3Zvyzcf8sLcJQGqiOJt2yfuARt1G3mqYnPKVW4jzEZGaWDn_OxwAHZBpv7SrMhaVwjYt_5zxbuFpGB5s3pPlygZL-QaGDWbVnNL-CO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinhlinh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AE7 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYpS62bYxWtyHN2LZGVRV_mhJk28DZ7X6gTBAP9KA5FukVQ6WIi_p9nK7cKpLL1NMnKioJ_4IJSRuXQuBroZr-F32ZLEqHC6_zMSsD1MFjIVcIWFuNRj--OYPPDFcDEcJ9UCM0Iw&sai=AMfl-YQyZ937LlP0wG-bWCmiB970GdoYmcVWA0B2B4PRzUXXVsenXuhWoTFq1yrYfRqH2ch7xq4TSvmVLJacGVwYhrmrEMz6ob1uDA0&sig=Cg0ArKJSzKgWJS7Et_yfEAE&cid=CAQSKQBygQiDW1LKUEHYstv7VIbRwrdDXvQZ0Bmps-eugwp-IJ48vV_qwVKoGAE&id=lidar2&mcvt=1000&p=0,1,526,264&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3634746047&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684473957093&rpt=1217&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5552 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSBQYo5IVfDjEmk_fBDWq_0lkBgpvb73a1dLpdH15UgVTocfUckldi0CHSYPK5w4JBrXKWQJlbLhwwPTTj_zkyraR6LNgLy3i4CuXJQjRJPc488CDxJ3p-PHRiskHTkaE25aEL6A&sai=AMfl-YTAqJ6FiE_senVuTwhTpviBnKrn_85NqrxFDfPphjrSA5-qqAnrKAopwaEkVczI5fszNwLmxpdwckZ0I173QaSpCW5LJ4ufKwA&sig=Cg0ArKJSzOE9R4BhQRR9EAE&cid=CAQSKQBygQiDg5xXi-wu9juI9g3BbNsMgpLMIGbEEtoCWMGUZX9A9n42kQPeGAE&id=lidar2&mcvt=1000&p=0,0,200,848&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3892851548&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684473956337&rpt=2016&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 05:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tinhlinh.com/	1970-01-20 12:37:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.tinhlinh.com/	1970-01-20 14:04:09	Name: _gcl_au Value: 1.1.927331246.1684473956
.tinhlinh.com/	1970-01-20 21:30:33	Name: _ga_29B61D3TRR Value: GS1.1.1684473956.1.0.1684473956.0.0.0
.tinhlinh.com/	1970-01-20 21:30:33	Name: _ga Value: GA1.2.1062980496.1684473956
.tinhlinh.com/	1970-01-20 11:56:00	Name: _gid Value: GA1.2.594063070.1684473956
.tinhlinh.com/	1970-01-20 11:54:34	Name: _gat_gtag_UA_152638533_1 Value: 1
.tinhlinh.com/	1970-01-20 21:16:09	Name: __gads Value: ID=c9860b3283d3a0c6-22f91e6bdadd0065:T=1684473956:RT=1684473956:S=ALNI_Ma7ib_0hQt9PeGZwzJcOz02DNV3jw
.tinhlinh.com/	1970-01-20 21:16:09	Name: __gpi Value: UID=00000c186485f912:T=1684473956:RT=1684473956:S=ALNI_MaZf_Y7_lPnjnux4SqvVzJhWNOY8A
.run-syndicate.com/	1970-01-20 16:19:31	Name: ts_uid Value: 1d276c31-d0fb-4be1-95b5-da05f32fea36
.run-syndicate.com/	1970-01-20 11:56:00	Name: bfq Value: APeIECNCx5YZMmTkwDHDRhcWIsYU3BLjoYgyE2PYwEGjhg0YMzx26aMg
tinhlinh.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1391118%22%3A%7B%22page%22%3A1%2C%22time%22%3A1684473956816%7D%2C%22C1391649%22%3A%7B%22page%22%3A1%2C%22time%22%3A1684473956716%7D%7D
.doubleclick.net/	1970-01-20 21:16:09	Name: IDE Value: AHWqTUlSsRgJoRlZxw449u0o4gKe1TLNduwh_VV_ViJEQNyrakmUGVmfQ5f7fKXBsf0
.bidswitch.net/	1970-01-20 20:40:09	Name: tuuid Value: 8072b989-60a8-477b-97f2-67c7bef24372
.bidswitch.net/	1970-01-20 20:40:09	Name: c Value: 1684473957
.bidswitch.net/	1970-01-20 20:40:09	Name: tuuid_lu Value: 1684473957
.bidswitch.net/	1970-01-20 11:54:34	Name: google_push Value: ATf1kGOZkg9iX3suinjRvENR5BSxYPS2BMbLTDImPMT3WA_NC0JkjZF2ySi4V6ESmV_Gd6uacOFDTRO8IxGoDG-_hVS0hljHw22xVA
.mathtag.com/	1970-01-20 21:20:29	Name: uuid Value: 83566467-0865-4500-8f55-87d28534f59e
.mathtag.com/	1970-01-20 12:37:45	Name: mt_mop Value: 4:1684473957
.casalemedia.com/	1970-01-20 20:40:09	Name: CMID Value: ZGcIZSVDIgc1s-O7imntVwAA
.casalemedia.com/	1970-01-20 14:04:09	Name: CMPS Value: 2204
.casalemedia.com/	1970-01-20 14:04:09	Name: CMPRO Value: 2204
.doubleclick.net/	1970-01-20 11:54:37	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 12:39:12	Name: C Value: 1
.yahoo.com/	1970-01-20 20:40:31	Name: A3 Value: d=AQABBGUIZ2QCEPj5jEKoFiIL02-LaDkQilUFEgEBAQFZaGRwZAAAAAAA_eMAAA&S=AQAAAjlCq5N2ZcJ6jjz2P4aT56Y
.adform.net/	1970-01-20 13:20:57	Name: uid Value: 8183685321275085320

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/993174632274146617/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769985121555172&output=html&h=600&slotname=4871745977&adk=3634746047&adf=4055985674&pi=t.ma~as.4871745977&w=263&fwrn=4&fwrnh=100&lmt=1684473956&rafmt=1&format=263x600&url=https%3A%2F%2Ftinhlinh.com%2Ftruyen%2Fkhon-ninh%2Fchuong-168%2F6b373538343338&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684473956014&bpp=6&bdt=329&idt=275&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&correlator=5671118038179&frm=20&pv=2&ga_vid=1062980496.1684473956&ga_sid=1684473956&ga_hid=1660820557&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31074602%2C31074718%2C44772269%2C44785292%2C44788441%2C44792089&oid=2&pvsid=279692053522632&tmod=18473906&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xxYP0kVxeE&p=https%3A//tinhlinh.com&dtd=292 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/993174632274146617/index.html".
security	warning	URL: https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338 Message: Mixed Content: The page at 'https://tinhlinh.com/truyen/khon-ninh/chuong-168/6b373538343338' was loaded over HTTPS, but requested an insecure element 'http://imgyn.imageshh.com/400x300.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.com
adservice.google.de
c.adskeeper.com
c1.adform.net
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.runative-syndicate.com
cl.imghosts.com
cm.adskeeper.com
cm.g.doubleclick.net
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.dmca.com
imgyn.imageshh.com
jsc.adskeeper.com
lcdn.tsyndicate.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pic.picnewss.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pxl.tsyndicate.com
region1.google-analytics.com
run-syndicate.com
s-img.adskeeper.com
s0.2mdn.net
servicer.adskeeper.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.mathtag.com
tinhlinh.com
tpc.googlesyndication.com
track.adtrue.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
136.243.83.47
151.139.128.10
172.217.23.98
185.29.134.244
185.80.39.216
2001:4860:4802:34::36
23.35.236.201
2606:4700:3031::ac43:d050
2606:4700:3037::ac43:bec0
2606:4700::6810:3965
2606:4700::6812:82e
2606:4700::6812:a14
2606:4700::6812:d2d
27.124.34.13
27.124.40.253
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9d
2a05:d018:d29:3605:5a44:5959:c4a0:ed6b
3.77.69.115
35.71.131.137
37.157.6.237
67.26.111.249
69.173.144.165
78.46.97.249
8.248.93.249
01a3658e7676f1c3d4dd6c862015edc8636759c0b2f72796c9aa30cd3db3263a
09f785fefc92bbbc833a3484a71ad55a38e571498500bd3f98d6484bda9f48af
0afb95317a1257d2ccd3124932cde42a9ca7ae9335d8ca36586db7a4fac2ad2d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
16d96cce1d3c59eb5e029ee729faa61c17e82026b3679f35ca3ea13508b2bbd3
18024c3dc8de504704c17afc7232a1b14245e3e32ea3575f8070deeaf8503ba1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a66354a3cd909649eba72e448e9b11866047168fd214f50f2f030168905a9f0
1e4e4e81fd56302995e9507b1888b7131ba9461f30f2ae32744d96bd48a26832
1f735ac8cab44c2a41e690db5789dfdcee90528ce487d8e2b7a00391c22688b1
24c6b71c2c83664639c52d975c111afda22df32d4b81b98829a9a9237bd8581d
24e887fa84524183aa607176ff002389a7cc73c773f4e4c7e8c99dc166d18875
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd56c1d1075f71d84cd684a8293aa4d482307415d77b74005d4c8101f3f47b2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a1a6764b52537878a97e349438b16125f213c10707d6e7823ff1c05a77c5ee5
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
40f13cbf08094b6768124272e918ba6a111fee3e6686f6a5c351133ca13a5be9
420fefad3bf6dfe443c90d6402f13a8f138cdfef67e0973e9553c576011bdb8b
4290c1643634cc97238d6e8725eb23c6c7cb9db324a3e4b91eec0538c29d12f7
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
46584e57444a113659d2328765f98ba285c9b169e63fd9e74ee8960a447493db
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48eaccbc19283c6ceca0001c8aeb45e2338957b217228f41a811b782d37bf43c
4f780c1c8bc912492a36c1e107a094768ed1fd2c256be4849386893733bcbc3c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ebb17b677b918c4153233c0e8a5f52882642fba0625aacc80477c2891e21914
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5ff3bdd90149c1c708fe3438b3500125256c27111477426eba2abbd6387bac75
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
610d1ecc8f70593f708b86befebeeae894c97d8d92464c8b01c137fd9ed6badc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63aa0ad4540bd47d0549899212b27ea59ae3d90787caf1d8a13474b63ba718ec
6719f77c861e73f57100b8ddb0956c78c1b70075f101332cc2d94d05de84ad85
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd5ecadccee176ede6978c7d9022c2517789e88051b9aeb13c06bdc1bc6bd48
6e72d552bdf4f550c155dd4a138b3f45bc697e869fecd822fdfc1c95ad814f64
6f222d7e0ed193ff2a8a1839449adeed78bca16166aa6b7cd24d26bc25302d53
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
72e0aa15abeec3840134d1e2d955fa9b45d7a5098f25eeadc2028269a53e09e4
74afa359b8556b0a3ad19d1432663549c3b6d7ed8a79aa3cdccc892820f0df68
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
77465ffd0adb5aae850c69b61a99dd2b77177e5b2d18ffe3e8794aa0b5a710f5
7cdf2f8efa3230582dd2a8195c050c3ebdb45500477263c605ffd4cfc00b9ef8
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
825d5cd71dbdd99c5c8181e2e88e24573f837019cc0b15a6a15fa98bdffc506e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8c7a12d8e7d177f90be724413a1e459b635e25879b1267acb3717fd2b0db5b8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2e550c0558fbe7bb0092334c115e5dcfc2688230c43ce57ff6ad848e06887a
99fb608d2a1518e7f97fb29af98274e8778ed73f18cb8dca72f1e3f750a11295
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a096172b4d95a5e8c09b0e90cd3a3a5602cc84fb874d54b92fcfd5f94b4d7eef
a0fccf9a7109e2472b8e55abc1757cf33d10c3a49672245ac1103a2f341079cf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b27785e2a9c00f116d653c7dfc36f32c86b0f7bbce5eec0d9ee615cd0b5c73c5
b28e784b1bf9f2843e77a7d4bf54c7990573df6086e36c82158782a6ee2def41
b4fb26d94caab7172fc868e52588e624c64bd6cbe7880faa0be8e2332681fb2f
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb9aa6a07648ccad86c8ccca7360482eb599d071adb3c90f1c1b38df00296dd6
bbe97a15cd09e73dcf5bbb0325f99a0a6bf5c204536afc8bf208db765a7d0466
bff8e7201ed2129b084faaac0512f3cec5473305c1e6ec02f755bcef9eeea49a
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
c9d0a8aa5a826148fd13173ce8806eea832673ab5a2c487bc03860ddd6b2485e
cf04f997802e3be6c3ce23cab7a5f70ee00403b418c435fe1333615752d51df0
d0bd5ae790ad6ad2ee071f10a3e5490c8e708d80a643adf1389ccc2a8298ff4e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def60bb29a8279216612117b4f13094c5f2d44f7bc9a8390824209a64dcb3d8e
e13d8fea7d93316cab725dee5e005995595797b3c48cf0e88d01c70a295c47cc
e2fda30b4e941c0aa0a0f50e67e7d717ec4672582ca4dd3dd2b645a6ef3c4d4b
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ab47d9e7e3932f7cf71b3807798b82c5a902b5c2bf934d95969b0796d746bb
f4e125313753d65db851e4b47334123f4f71ac3ee6e28f3c87ee5264a874da78
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4dbefe0dbb9399abab5b412012d88ea843450c72d40ab5f4d58dc29cbe2144

tinhlinh.com Open in urlscan Pro 2606:4700:3031::ac43:d050 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

91 %HTTPS

62 %IPv6

31 Domains

47 Subdomains

34 IPs

8 Countries

2514 kBTransfer

5646 kBSize

25 Cookies

4 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tinhlinh.com Open in urlscan Pro
2606:4700:3031::ac43:d050 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

91 %
HTTPS

62 %
IPv6

31
Domains

47
Subdomains

34
IPs

8
Countries

2514 kB
Transfer

5646 kB
Size

25
Cookies

132 HTTP transactions
3 data transactions