urlscan.io logo urlscan.io
SecurityTrails logo

www.ntdvn.com Open in urlscan Pro
2606:4700:3031::6815:1b05  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tnews.to/tin-the-gioi
Effective URL: https://www.ntdvn.com/
Submission: On August 18 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 6 countries across 28 domains to perform 256 HTTP transactions. The main IP is 2606:4700:3031::6815:1b05, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ntdvn.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 31st 2021. Valid for: a year.
This is the only time www.ntdvn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
132 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 99.80.199.35 16509 (AMAZON-02)
11 142.250.185.66 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 3 35.186.253.211 15169 (GOOGLE)
2 2 79.137.68.187 16276 (OVH)
3 185.29.132.246 30419 (MEDIAMATH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 104.111.239.217 16625 (AKAMAI-AS)
2 2 142.250.185.230 15169 (GOOGLE)
1 148.251.139.77 24940 (HETZNER-AS)
1 138.201.84.244 24940 (HETZNER-AS)
12 34.243.93.43 16509 (AMAZON-02)
1 2.18.233.201 16625 (AKAMAI-AS)
1 5 138.201.63.116 24940 (HETZNER-AS)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 35.244.174.68 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 88.99.65.215 24940 (HETZNER-AS)
256 36
1    2606:4700:3034::ac43:c7b9 (United States)

ASN13335 (CLOUDFLARENET, US)
tnews.to
132    2606:4700:3031::6815:1b05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ntdvn.com
static.ntdvn.com
img.ntdvn.com
9    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700:3033::ac43:8bce (United States)

ASN13335 (CLOUDFLARENET, US)
static.ntdvn.com
8    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
15    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:3039::6815:c052 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    99.80.199.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
11    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    79.137.68.187 (France)

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl
googlecm.hit.gemius.pl
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal9000.redintelligence.net
12    34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    138.201.63.116 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
3    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
134 ntdvn.com
www.ntdvn.com
static.ntdvn.com
img.ntdvn.com
2 MB
26 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
55 KB
24 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
338 KB
13 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
307 KB
12 mediamathtag.com
s.update.mediamathtag.com
49 KB
8 youtube.com
www.youtube.com
636 KB
7 google.com
adservice.google.com
www.google.com
1 KB
6 redintelligence.net
hal9000.redintelligence.net
hal90004.redintelligence.net
9 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
4 gstatic.com
fonts.gstatic.com
77 KB
4 googletagservices.com
www.googletagservices.com
140 KB
3 awin1.com
www.awin1.com
2 KB
3 openx.net
rtb.openx.net
996 B
3 google.de
adservice.google.de
1 KB
2 contentspread.net
cdn.contentspread.net
25 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 rlcdn.com
id.rlcdn.com
891 B
2 gemius.pl
googlecm.hit.gemius.pl
550 B
2 quantserve.com
cms.quantserve.com
798 B
2 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 rubiconproject.com
pixel.rubiconproject.com
460 B
1 googleapis.com
fonts.googleapis.com
594 B
1 congstar.de
banner.congstar.de
518 B
1 mookie1.com
odr.mookie1.com
324 B
1 everesttech.net
pixel.everesttech.net
376 B
1 googleadservices.com
partner.googleadservices.com
655 B
1 tnews.to
tnews.to
904 B
256 28
Domain Requested by
108 img.ntdvn.com www.ntdvn.com
19 static.ntdvn.com www.ntdvn.com
static.ntdvn.com
15 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
12 s.update.mediamathtag.com tags.mathtag.com
s.update.mediamathtag.com
11 cm.g.doubleclick.net www.ntdvn.com
googleads.g.doubleclick.net
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com www.ntdvn.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 www.youtube.com www.ntdvn.com
www.youtube.com
7 www.ntdvn.com www.ntdvn.com
6 assets.ad4m.at as.ad4m.at
5 hal90004.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90004.redintelligence.net
5 ad4m.at googleads.g.doubleclick.net
ad4m.at
4 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
4 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.awin1.com 1 redirects as.ad4m.at
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 rtb.openx.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 cdn.contentspread.net hal90004.redintelligence.net
2 image6.pubmatic.com 2 redirects
2 id.rlcdn.com 2 redirects
2 ad.doubleclick.net 2 redirects
2 as.ad4m.at ad4m.at
as.ad4m.at
2 googlecm.hit.gemius.pl 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.google-analytics.com www.ntdvn.com
www.google-analytics.com
1 pixel.rubiconproject.com 1 redirects
1 fonts.googleapis.com tpc.googlesyndication.com
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net www.ntdvn.com
1 banner.congstar.de as.ad4m.at
1 static-de.ad4mat.net ad4m.at
1 odr.mookie1.com googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 tnews.to 1 redirects
256 41
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-31 -
2022-07-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.congstar.de
TeleSec ServerPass Class 2 CA		 2021-05-18 -
2022-05-23		 a year crt.sh
redintelligence.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
update.mediamathtag.com
R3		 2021-06-28 -
2021-09-26		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
contentspread.net
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://www.ntdvn.com/
Frame ID: 3337C2B8F5FF963C8723FBC77679594C
Requests: 151 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 5D7C943DEF8F395529CDA45875F2D619
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&adk=1812271804&adf=3025194257&lmt=1629307174&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ntdvn.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976427&bpp=10&bdt=108&idt=160&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=529550808947&frm=20&pv=2&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: 907608026C4D33BCC02689A480E4258A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Frame ID: 4BD05C3410D93C05833F83177B51CAEC
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oN1euF-DvBQ
Frame ID: 53F1AC68C75EEA8B03CD74B0705FA724
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Frame ID: D3DECAF3624BFFC9348D8190BF26BB6A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Frame ID: 0311A61A47BA165B16B3B07DFAC64B26
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
Frame ID: D5B7792F1CFE6C8DC7CA80FDD6477306
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5211EB3B1641D6846B8698DE0CE7BC54
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 242477DCCE1A7A0DCB31739E9F60296F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Frame ID: 57B5602B397F53FB49D6E0A92800D51C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: 2E92C56A8CCC307F63845584C6816AC2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 23879D9EDD8FFB23AC447C75FB8C3674
Requests: 2 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
Frame ID: D71C133BB0C0DFA862AFED58FC925533
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 385B4093FCF2C0C1783499DF72434032
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2C8B37ADAA291B89B29089C750553037
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 21E6A87F418D8A36C380AC77BE5D59DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 470AD9F5757B22970B1E3B58FC791CAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tnews.to/tin-the-gioi HTTP 307
    https://www.ntdvn.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

256
Requests

99 %
HTTPS

57 %
IPv6

28
Domains

41
Subdomains

36
IPs

6
Countries

4067 kB
Transfer

7556 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tnews.to/tin-the-gioi HTTP 307
    https://www.ntdvn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJL86tp7chqkd4khMHquE-ODQjy-EqY65YQFXzbudDfc_pkx9QdMB5eCP3kOPmIBJzHys-TQex2cFLSsTuOjbuJ2qF3oqLh&google_gid=CAESENWIO0w83VpmvUGwBdyz86Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVIxSU1RQUFBSHBHZWlmdg&google_push=AYg5qPJL86tp7chqkd4khMHquE-ODQjy-EqY65YQFXzbudDfc_pkx9QdMB5eCP3kOPmIBJzHys-TQex2cFLSsTuOjbuJ2qF3oqLh
Request Chain 174
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOkSiQIPDNLHNt755uZV1JM&google_cver=1&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOkSiQIPDNLHNt755uZV1JM&google_cver=1&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
Request Chain 175
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po
Request Chain 176
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPcCT46ZDD3YdKfiGeme_Ys&google_cver=1&google_push=AYg5qPIQlRkBe9uBM8gUr3HM0vHYpeMBA6sVRwoPHaP36URdQsz5ZLgOmx84YWWPnRI3ORWB2VunxZXoAcYe1gi_A_QXxbVFNrhuGA HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIQlRkBe9uBM8gUr3HM0vHYpeMBA6sVRwoPHaP36URdQsz5ZLgOmx84YWWPnRI3ORWB2VunxZXoAcYe1gi_A_QXxbVFNrhuGA&google_hm=
Request Chain 199
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI-X6_aQu_ICFQU14AodCVEOtw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629308978_a82d7a70-004c-11ec-bfe3-692d0dec5663
Request Chain 205
  • https://hal90004.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3882117385595560503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_cid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%2526client%253Dca-pub-2450194731637417%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.ntdvn.com%2F&ancestorOrigins=https%3A%2F%2Fwww.ntdvn.com&random=1413839515566&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3882117385595560503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_cid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%2526client%253Dca-pub-2450194731637417%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.ntdvn.com%2F&ancestorOrigins=https%3A%2F%2Fwww.ntdvn.com&random=1413839515566&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 221
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 231
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI5WsSWt1QRKnPcqnj4wMJI&google_cver=1&google_push=AYg5qPKQmNN0fOrOz-aW2iWE0OYpeeakpI6o8uMP1gU-vYgOF_wIp938w1Muv90qGMhfWVp-oSIfFuHKy8tkTiODbLgZShkezII6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQmNN0fOrOz-aW2iWE0OYpeeakpI6o8uMP1gU-vYgOF_wIp938w1Muv90qGMhfWVp-oSIfFuHKy8tkTiODbLgZShkezII6&google_hm=Rv6PyhcCAsMn_9JTgrOZ2g
Request Chain 232
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJODq2OCmQkoj_sYoZoYucn9qqqFLGExxvTYO2G8cw4I8oGIVU_0ZvaPhcyhx9wnaWCA9lzrjoOU5A52OOuqvxD8V1H1dVZ&google_gid=CAESEDOLISQvot4B2zQWhj2hC0c&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLKQ9YgGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKT0RxMk9DbVFrb2pfc1lvWm9ZdWNuOXFxcUZMR0V4eHZUWU8yRzhjdzRJOG9HSVZVXzBadmFQaGN5aHg5d25hV0NBOWx6cmpvT1U1QTUyT091cXZ4RDhWMUgxZFZa HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweGtvOURPcTVvUHhlVkFPUG00alFZQjJrZl9HVmRyNmQtVlZDVm5yYmliSQ==&google_push
Request Chain 233
  • https://rtb.openx.net/sync/dds?google_gid=CAESEAEwyafJlzDC2S24NGsJQOY&google_cver=1&google_push=AYg5qPKpqaIUe26OYhu3F-jvgUIeja6SP2OxBGWotLVwYhIVq_-M2sfXuSgTXGM2werzP8XUWcmLs_tCcwyMtT8tPfztxTjgO0n8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpqaIUe26OYhu3F-jvgUIeja6SP2OxBGWotLVwYhIVq_-M2sfXuSgTXGM2werzP8XUWcmLs_tCcwyMtT8tPfztxTjgO0n8&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
Request Chain 234
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSG_a3cMZlANTRXLJMw_Fg&google_cver=1&google_push=AYg5qPJ88A_d3vUzfNgGfDfQNhps1ogm75qGBu8LXw62y_U_-wig0mSQ0TiBTe7FfeIzIwG-mvWmRmP1j-QQpom0zJ_BNiJRZhjI HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSG_a3cMZlANTRXLJMw_Fg&google_cver=1&google_push=AYg5qPJ88A_d3vUzfNgGfDfQNhps1ogm75qGBu8LXw62y_U_-wig0mSQ0TiBTe7FfeIzIwG-mvWmRmP1j-QQpom0zJ_BNiJRZhjI&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Cub7QvVXQ1OXo0FUTKD2nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ88A_d3vUzfNgGfDfQNhps1ogm75qGBu8LXw62y_U_-wig0mSQ0TiBTe7FfeIzIwG-mvWmRmP1j-QQpom0zJ_BNiJRZhjI
Request Chain 235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOxOgYWRhcaCc4pXKqRELEE&google_cver=1&google_push=AYg5qPIyTfncfFTb2akC3--2WRnl4pX2_-T2tAWGXF9EpBSM75aFAtCSODz6gJw0lp8Tb05nILhzscpqJFfUj4rNuVUXHekXOFU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NIU0hYVDEtMjAtTExTQw==&google_push=AYg5qPIyTfncfFTb2akC3--2WRnl4pX2_-T2tAWGXF9EpBSM75aFAtCSODz6gJw0lp8Tb05nILhzscpqJFfUj4rNuVUXHekXOFU
Request Chain 236
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg
Request Chain 237
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJYLa2k8Qmxb8MEqjszETQ4&google_cver=1&google_push=AYg5qPLdN-3A8FX3EIWS17f-YiZ8TWWGbG3-EHgIvrYaAn2OWRCFsWWRj6N7eU1geyHPWCMptTolfArhz8BBXNjlN2iw2SbDcleh9A HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdN-3A8FX3EIWS17f-YiZ8TWWGbG3-EHgIvrYaAn2OWRCFsWWRj6N7eU1geyHPWCMptTolfArhz8BBXNjlN2iw2SbDcleh9A&google_hm=

256 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ntdvn.com/
Redirect Chain
  • https://tnews.to/tin-the-gioi
  • https://www.ntdvn.com/
242 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b983b4c2913575f2bbc339eeeb07fe0d318a6dc77a6dd08844f27b2740b3ef73

Request headers

:method
GET
:authority
www.ntdvn.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-type
text/html
last-modified
Wed, 18 Aug 2021 17:19:34 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wu%2FYhHTVBHMBW1R73Ue4B3wNvtb7IJG%2FEx%2BMb8%2FPAzcdyQaOaPJLCgyC1w37GvIMK0sC%2Fb9QwsJghE3BJHkJdc9T9Bbi25rB37VVfu28mxLOhDHL1r7jo36poK9ubmcwlwPv3WqnfhQlHfY"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
680cfacc390e42d5-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
prli_click_2078=tin-the-gioi; expires=Fri, 17-Sep-2021 17:49:34 GMT; Max-Age=2592000; path=/ prli_visitor=611d482eb0823; expires=Thu, 18-Aug-2022 17:49:34 GMT; Max-Age=31536000; path=/
x-robots-tag
noindex, nofollow
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by
Pretty Link Pro Developer 3.2.3 http://prettylink.com
x-redirect-by
WordPress
location
https://www.ntdvn.com
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teHoYgsxhqaoXp2EQWupYmEYcyvF5nYdt0RErx9QXPK%2BFbmL8lShmySL9MMO9Rv0R9lGh251fdfd%2FhZ7CuDoMTmFoIrUdGyTSy5umCkvoPUuJwkzDTr%2FBM1jdPXgKPlY8u8vSCY6%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
680cfabf4b3a0609-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
global.css
static.ntdvn.com/assets/news/css/ 		153 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfde80c9ab95f03320ba0435e800f93f7e29c065f6e2a743b1fbec99499df542

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450095
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 13 Aug 2021 07:31:59 GMT
server
cloudflare
etag
W/"61161fef-2652d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLnQFmY9IaUD%2BTCNNjCergsYlM3Lh1jzAzCyYnH6q%2FW%2B8TbfFDMe2xeu7C92TstyLo2mm1yhmzLXpUSsk7eHfyaQRhPiU5tGhOCsugx4YcjeL2e%2FptLy04iVhGsspYHNZb60LJCsoU%2FHfELsTy6Y"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface1dec42d5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:03 GMT
genericons.css
static.ntdvn.com/assets/news/css/ 		40 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/css/genericons.css?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727167c795391944b3531c55ded2b13305306079ebf4f463fb16dc51effa8639

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450096
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 18 Apr 2020 03:30:42 GMT
server
cloudflare
etag
W/"5e9a7462-a140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2Bz0sMzm2BB9gNuh%2BOV9FIIxonanTicIYBDivitbj8ntMDTLcJnAkSuiEdQbwWkXhKrPQKiGIUil0apZpF6%2FVEkpo%2BfRS65roPtMO3OMESc43ML%2FPvbMVicc1Tz2uoOx9adOehIAeL37rC7lnAOZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface1dea42d5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:02 GMT
override.css
static.ntdvn.com/assets/news/css/ 		108 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/css/override.css?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7086c8fbde393aff09aeef281df4a157761dcd1bab02fca0f7cb640858476e08

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450096
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 29 Feb 2020 08:56:47 GMT
server
cloudflare
etag
W/"5e5a274f-6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2B9hck5wArh98Ahg1A%2Ftf%2BSbsRmAUMXHnGtYsXDz9nLkcFtvZwJveNjp%2BJEQtoU7Q0AZGXdEHAhS75LI4rwXqL2B%2BSMszXvhOpaM9079a%2BxYNym%2BhsUy%2F4AR%2B38yMM5Awb%2FFpyFeGrBzNLQomtcg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface1de942d5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:02 GMT
home.css
static.ntdvn.com/assets/news/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/css/home.css?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a90813295a103e36ba72680ba5ef5723cd633457c3213ba1967d4493fc7af45

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450095
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 02 Feb 2021 14:06:19 GMT
server
cloudflare
etag
W/"60195c5b-7647"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1d5gMNwcJjqbI9Boc63LNpg1g3kei9eI%2BS6qkV%2Bldyn3iaDrSu4si6hUSQovD1wZwuiXE4j670ccPVhiqaOYU%2FhVYKpk2StfcIB86wgJk3zbvw5xoj3CL0Wt3JlLrPWsNqbTEwnZORxXOe92BHGK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface1de642d5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0648f74bbabb9eb458c13abc289fc92ac8403b0608ffef65ee10c962bb1a9aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49835
x-xss-protection
0
server
cafe
etag
4161259050173333882
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 17:49:36 GMT
logo_ntdvn.png
static.ntdvn.com/assets/news/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/logo_ntdvn.png
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96d1a7cc3982d5c4bbcf5f9936ebad3c57471711a6986edc9ceb2449074ef45

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2377445
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
35821
last-modified
Sat, 07 Mar 2020 21:30:09 GMT
server
cloudflare
etag
"5e641261-8bed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4akV7uQccrSx5ctI1awPUh04PPUI2vEhHrQ71ZgamC2%2BoHMjmDtq6N6siBFUnUaGbIeHsx8OPR59iZN%2FYwj4owR%2B7VHgaWYFE3wHST%2BAsIxvd6F6IdFxEwihYv%2BrcJfNa9C%2BsrNMG5CJRNmlJjL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface1ded42d5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 15 Aug 2021 22:04:05 GMT
ntdvn_ntdvn-ntdvn-biden-tu-chuc-trong-o-nhuc-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ntdvn-ntdvn-biden-tu-chuc-trong-o-nhuc-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2f57158fbd16a031dbea5c9a7df58c8691f57ff5c6e398cffcf91b2a2a47e2

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3502
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6905
last-modified
Wed, 18 Aug 2021 15:45:08 GMT
server
cloudflare
etag
"611d2b04-1af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RJ5JtGkyK3NfDOtVspxEP2juQzHvPqYqRDtTIgIHNIqLPzgDzcnK82Dv%2B52%2B%2Bd8GY1XQ7cc85uTDDWfDrk9l4%2B25%2BzJg%2FXb1owbQuFI2Un6Jv1P99QHYV2bw0Q5njnRMhRRVgzcXTfI1EGS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface3e3942d5-FRA
expires
Fri, 17 Sep 2021 16:46:54 GMT
ntdvn_joe-biden-roi-tri-ke-thu-my-ha-he-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_joe-biden-roi-tri-ke-thu-my-ha-he-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e63fb87792cc65dbf0677d7e1c40f8d74bb006ce712cec587ed09e48a3ba1e

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13504
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7433
last-modified
Wed, 18 Aug 2021 11:53:12 GMT
server
cloudflare
etag
"611cf4a8-1d09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7lKwQO4UReuYOQx4XGloARIwfs0WtZYnX8suYzw%2BGp2TIj3VW6XOXglli0%2FsRpflmFSm0qEpIM1IJBLhRR%2ByhA6tq04%2B8NinJ9L%2BBqxXMKRvTe6V9uY42UgPPVZWPNxvgGQOFxoYT3CsISC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface3e3642d5-FRA
expires
Fri, 17 Sep 2021 13:58:54 GMT
ntdvn_screen-shot-2021-08-18-at-82340-pm-205x123.jpg
img.ntdvn.com/2021/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-18-at-82340-pm-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7fc1275d37139ed32c3fc4cf9e51fe9e528bcda979017ef6d76e6263780285

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14015
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10919
last-modified
Wed, 18 Aug 2021 13:24:05 GMT
server
cloudflare
etag
"611d09f5-2aa7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpRC7l%2BEWN6ewxrfHVuY0NJusyLyxLZgC%2B38cRZX24QQXtppxIskVTaQTXG%2BDA7G4n4xiOVjnubnK49aVNlmEPoa%2BP9uSKxT3lFYX5kr4OW0HttoAs%2BABQDqsFdBzYYYMkuaSP86m3Hxzs6b"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface3e3342d5-FRA
expires
Fri, 17 Sep 2021 13:33:15 GMT
ntdvn_210817-c03-205x123.jpg
img.ntdvn.com/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_210817-c03-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08cd4ce86222eed6272d4caf54b02daad63167f7ab25f05564e7025a225b69b

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145524
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4940
last-modified
Tue, 17 Aug 2021 00:52:55 GMT
server
cloudflare
etag
"611b0867-134c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m80a3kj%2F6eL68v%2BFGvaoJxWf%2Fn5WlPAC9qoEc5zIYQtRv1qeeKHaEywpNgtJSUsLkHYBumhKXIDIU%2FYJ%2BCKrfQT8NtHgX1CyJKAZ9atImL4HJXFphhoLnhvNVJE11GYjk8W4OB5cR3ZEBpol"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface3e3742d5-FRA
expires
Thu, 16 Sep 2021 00:54:16 GMT
ntdvn_bai-diet-chung-lanh-23-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_bai-diet-chung-lanh-23-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ee648f805dc6115914008e36842d9f7267a561b2f25148b93424facc3a5d579

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20500
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8592
last-modified
Wed, 18 Aug 2021 11:46:40 GMT
server
cloudflare
etag
"611cf320-2190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7N52Oj0Cl7rhvZfALM9YuFJssBkgB6FyJ3H2FRMN0b5zWWOdlnIPNTk9WzyjcPGTA6vb45C4z52Buo%2FiHbl5vJLrH8XjZYHlKbSURfYClEk1ADbCGjl1ouitW5NARYXXFm9T3t78h1XFGHGK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface3e3842d5-FRA
expires
Fri, 17 Sep 2021 11:47:51 GMT
ntdvn_screen-shot-2021-08-18-at-34046-pm-205x123.jpg
img.ntdvn.com/2021/08/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-18-at-34046-pm-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c58703ed5414b6cfacddb4762b447d1f7c821ed8a31c7cf1272d15c4d75e44

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31562
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5426
last-modified
Wed, 18 Aug 2021 08:41:05 GMT
server
cloudflare
etag
"611cc7a1-1532"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wF28dwqAc%2FEqdZUog5BLWNRmuVKCFqKPhRUk7igqYdUM2jzskyGgA7uLqGX7oSBMeB%2FcCIOUES0ln%2FbVUj3w4cGqKRiaRKFOuV9Oe0gvx8XZfILhK6zLxjyJCHmPdzsNfbfHsfNljGxDQTw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface3e3542d5-FRA
expires
Fri, 17 Sep 2021 08:50:13 GMT
ntdvn_gettyimages-482497468-205x123.jpg
img.ntdvn.com/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_gettyimages-482497468-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709463cfc4344dbc844afbe0c08d73f543703e481503c0e9ce1cee5c9cee5834

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
106649
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6486
last-modified
Tue, 17 Aug 2021 12:06:03 GMT
server
cloudflare
etag
"611ba62b-1956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpKuoEy6nsRVhyum051mu0I2hxgk4KaY1HTgi1kAx1ULKaUQ2LTQIm1PBIZ5RKXb7K3IhVLsYoC18uke%2BZeITAEp%2BEDlBntpnsQ%2BSpr670LZozjBmJcf0FmEJS7cHkYPpFOalTeBI6i7%2FYgT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59de4db8-FRA
expires
Thu, 16 Sep 2021 12:10:58 GMT
ntdvn_id13166436-gettyimages-1219300421-600x400-1-205x123.jpeg
img.ntdvn.com/2021/08/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_id13166436-gettyimages-1219300421-600x400-1-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7eb3c01aa21ee3b3405187b680091d440a1130874fc283585ad3709d9a9e35a

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108150
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15714
last-modified
Tue, 17 Aug 2021 11:41:13 GMT
server
cloudflare
etag
"611ba059-3d62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJrZHeLw%2BCVk8c0gHnS5NdURW6EwXer1NPnNgoEtex7piNLSdFTygOXjszJXMJVgy0PxQ8vRpUdmdqKdvwU48E9JqCTO85%2Bglu05NXC04Pwr4LwE6NPWqteILe%2Fcu86qym9l2XNVtNDUnN5x"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59e14db8-FRA
expires
Thu, 16 Sep 2021 11:47:01 GMT
ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-19-205x123.jpg
img.ntdvn.com/2021/07/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-19-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4055e1f9d2f611fb064dec3039bb11a6355683a1c61b9865edb8a7f8d70b715

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18181
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12842
last-modified
Thu, 22 Jul 2021 01:20:44 GMT
server
cloudflare
etag
"60f8c7ec-322a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE8kcqeJmL95CUySa6BPotEk%2F2dtBEcb%2FPdrsLlfkNPHT1wo5TelqH%2FJWHH11YEZWJBU6Ac2kwpOVDRLKqG0mPJHE0ZLLiAfKYx7nSc14kxJj0f1Q8Y4ig9sxf%2BPu%2F6YZ4aOuQSZdy6GyhZc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59e24db8-FRA
expires
Fri, 17 Sep 2021 12:32:54 GMT
ntdvn_tiem-vac-xin-covid-19-ha-noi-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_tiem-vac-xin-covid-19-ha-noi-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741878724ddd1e1f8b39d14ff10e85f508fab71efe4152eb665da7854f060e06

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18181
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8923
last-modified
Wed, 18 Aug 2021 11:04:17 GMT
server
cloudflare
etag
"611ce931-22db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGQP%2B4QLIgrb5lKbOhUCv9VVHtkhyAZ9OPrAtaB0oLF%2BoeIdGhbfYwGm6eV4NMImejsYrHqkLePtCNqi%2FL7ebuNkIxsYBRFA1k8JAOD8Srs%2FkqHQnZOlrGrfVsN%2BWSVh%2BImCeZqchmm69zUL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59e44db8-FRA
expires
Fri, 17 Sep 2021 12:03:35 GMT
ntdvn_tiem-vac-xin-covid-19-tinh-binh-duong-205x123.jpeg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_tiem-vac-xin-covid-19-tinh-binh-duong-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c23716521f1d0e826bcffd331feb2e401d2cc71727e423eea02b675d6507d12a

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20501
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8301
last-modified
Wed, 18 Aug 2021 11:31:02 GMT
server
cloudflare
etag
"611cef76-206d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oel8SJkZTxCvDspXviOP0v%2FpbM89PA%2FA5SrDqpsqwqH5okZPgvP9j%2Bn8cppQ1o8MSMcJW5vCyhlxSutMoyRj4kdhRyBRpMpKDcYAE2axNMpjAs83qkn%2BMdttlP0%2Bql9d%2BAB60iqJytULZ7Aj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59e64db8-FRA
expires
Fri, 17 Sep 2021 11:36:47 GMT
ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-18-205x123.jpg
img.ntdvn.com/2021/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-18-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b84c65a0d153a7ae68397ddac7a1693ab840b5195cc072df86e70124845c8a

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32442
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10030
last-modified
Wed, 18 Aug 2021 08:36:02 GMT
server
cloudflare
etag
"611cc672-272e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Fbraq7hf5KdeqvU%2Bppk8VvhyA7jXOX2QvbVjRpbkuEyYTnLg6FDQfSv8Os9qdVffbVGLKYZ4ulkLpNE1%2BIrhGgZ1GXIoKbVUh%2Fd2K52WATOQPkQbWjDBGPsd7mPi%2ByoTxSUoKJ%2BxF3WmB58"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59e84db8-FRA
expires
Fri, 17 Sep 2021 08:45:19 GMT
ntdvn_vua-le-thanh-tong-va-nhung-giai-thoai-tu-than-te-gia-tri-quoc-phan-2-2-205x123.jpg
img.ntdvn.com/2020/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/09/ntdvn_vua-le-thanh-tong-va-nhung-giai-thoai-tu-than-te-gia-tri-quoc-phan-2-2-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cd3032aa557a1215138c9bc5e35f6e2cc3024f6d5d2a4c095d745efc36d103

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18181
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7051
last-modified
Fri, 04 Sep 2020 03:51:07 GMT
server
cloudflare
etag
"5f51b9ab-1b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4MOXW6KsDueC5Osv5Y%2Blmnb1hAeFBxb8o1yutKP%2FZ%2FWHcWjTqj3YJFcqou5epidrW1H1QtmvSEhZfECzRupFx4RD2a1bb%2FQC63MN4aul0XxF1UbucSRbdvU8j95oYVDdcDi%2Fjm32bcP6XEp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59e94db8-FRA
expires
Fri, 17 Sep 2021 12:06:10 GMT
ntdvn_p2805022a153684147-ss-205x123.jpeg
img.ntdvn.com/2021/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_p2805022a153684147-ss-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5bf490f3a19c613028d3f94b4523a1eb4dabf65ea755ba57ded84c5276e7eb

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28826
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9934
last-modified
Tue, 17 Aug 2021 17:34:03 GMT
server
cloudflare
etag
"611bf30b-26ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URTPDIYKIQ9FQ%2F3y35s4uH2KnLRG7fn6H39DIljj%2FG%2FeJsytgAwYIi%2Bl64abSeeBWgPEM3X5VZdepMYuz1o7O4eRglp3%2F4N5KN7vELV1Ch7HKrNy%2Bw1S2GQCN84FYOWmCsTxr%2FVZfDXT0jzm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59eb4db8-FRA
expires
Fri, 17 Sep 2021 09:05:19 GMT
ntdvn_bac-sy-dong-tay-y-ho-van-nai-205x123.jpeg
img.ntdvn.com/2021/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_bac-sy-dong-tay-y-ho-van-nai-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
821f43bfadb01bd1e170bff82048fa32f254717d9a13972a91430084a009f38f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50320
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7527
last-modified
Tue, 17 Aug 2021 10:50:40 GMT
server
cloudflare
etag
"611b9480-1d67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ymtA4ScmxhYhJbWcbUTznKHuPhZOzVoZWaEjhynt0Serb3bx79n2PuoqPepXh0OFdxMGBukbpXUGwh%2BlkQr5HWITreQjJydH7oxPtM51o84rX9gZm1nr%2BQHcF6yyg9JuNEAcKa1w%2FezLqUo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59ec4db8-FRA
expires
Fri, 17 Sep 2021 03:05:23 GMT
ntdvn_487a9595-1baf-44f2-a3c7-ae7fa252fb13-205x123.jpg
img.ntdvn.com/2020/09/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/09/ntdvn_487a9595-1baf-44f2-a3c7-ae7fa252fb13-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c285512007ce35f8c6bc683cc8e1675e3fae79854e5c5a28bd533750678e5c5e

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61036
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4310
last-modified
Sat, 12 Sep 2020 04:26:44 GMT
server
cloudflare
etag
"5f5c4e04-10d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQrZNg6qrvA7DjRXKHrtmhFuW27Ex7WsOL3EcmiynZ1DtltUG2Mx46esVcC2NAnzh316CQDtdAS23JJCAC4xNdnhYGsNZ%2FMPTJ1zt%2Bij3Co55uHYTf8Gr5FJ7arIz647X0FFohwtkJJJA5U9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59ed4db8-FRA
expires
Fri, 17 Sep 2021 00:35:32 GMT
ntdvn_pjimage-32-205x123.jpeg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pjimage-32-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57fb58599f44e7dfca947ae1d6477e46c693a14ef57e9fc12f00db0ef5df9bb

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6924
last-modified
Wed, 18 Aug 2021 10:14:54 GMT
server
cloudflare
etag
"611cdd9e-1b0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtEL6QLSjC4MgaXPCjmoNCy3CJn4AI5WMP5FADVpmWOjcQ9w26mFE94CR8N1YESyq98gZaNwynr3%2Fp0gZhO2zaCtdMtHeE5VqbLJl3CTHOTZY1EBwkxxB8ISZwhHg3AcOc1jQKDEdXe3mHZO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59ef4db8-FRA
expires
Fri, 17 Sep 2021 10:27:09 GMT
ntdvn_pasted-image-0-56-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pasted-image-0-56-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c111ea9d271dc5fde24b92f119e38b125fbff7318628b3b73333bf13339b312

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39925
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9313
last-modified
Mon, 02 Aug 2021 08:47:28 GMT
server
cloudflare
etag
"6107b120-2461"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31Qq9KBqrFQLlfpI6apyak0zpH6VVg6xZKyU8WEARUFHy7Ir9vyI04fwchaFlTTvPOfpoOQO0f2oFIPkfr5u77yMI8BiJZxcBkS%2BGboGfnKgBQhGsmYTbJOCw%2BaaPD40qihemsYZHGbScchs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59f14db8-FRA
expires
Fri, 17 Sep 2021 06:32:57 GMT
ntdvn_artist-700x420-1-205x123.jpeg
img.ntdvn.com/2021/08/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_artist-700x420-1-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f5942b0ec08063b475986bfbb1f3d17c985de9d2c1ea89fcf7804f37d2b62c

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43861
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27004
last-modified
Wed, 18 Aug 2021 05:06:17 GMT
server
cloudflare
etag
"611c9549-697c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5S%2F0yKIQAFD4%2FSQk7NLHfiOM0tX4sW41HbEFeitWX0FIjvOKOiw5utwsOcg29dHihvJJEzWi4NvAQ1voZibW5HUBtI6AYwc0BOMhz%2Fa5pPCK3dUCz0jbg74cBu%2BPoO54gXXC7Wjm2tb6C12"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59f44db8-FRA
expires
Fri, 17 Sep 2021 05:25:37 GMT
ntdvn_screen-shot-2021-08-18-at-101721-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-18-at-101721-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d184e59f58a5364c407b375318c9ee794d4ab5ff8bd4768f28e60f7c7c2b5cb

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50320
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9398
last-modified
Wed, 18 Aug 2021 03:18:06 GMT
server
cloudflare
etag
"611c7bee-24b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rvlny1DIsBWFbFlnowlrMdETUYlEOrHzLtns%2B8BtLDA9LTTZng2JNV8xyzSLvL2w3bIxkimcGnv6S6yz7I6SiMDdLyTLEEMnfLxDyza8J5JvWQSHibr0LvLNKlEvmRMaqyJwkx56lrdu2mB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59f64db8-FRA
expires
Fri, 17 Sep 2021 03:24:03 GMT
ntdvn_thuong-hoai-mekong-ky-4-thuy-dien-con-ac-mong-tam-co-quoc-te-tuong-lai-nao-cho-dong-mekong-205x123.jpg
img.ntdvn.com/2020/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/05/ntdvn_thuong-hoai-mekong-ky-4-thuy-dien-con-ac-mong-tam-co-quoc-te-tuong-lai-nao-cho-dong-mekong-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b15ebc0f5948f3292fd29ad83470b58b086212573f3b8a0f850170178c60ab8c

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9657
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8775
last-modified
Tue, 26 May 2020 10:23:38 GMT
server
cloudflare
etag
"5eccee2a-2247"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEiA%2FfAJRemASfWxr96dbeGb1k0FsI%2FizWryYmpG9vJYHaQXf%2BD2e0%2BgLwEZ3mzHXRtGOz5CirKWRK2aKg2TG4MK2avaXcdzNzkF36tJzUp7Fsq0V4Big3MxzN5T5g5oyKnFPz9ofVxju02Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59f94db8-FRA
expires
Fri, 17 Sep 2021 14:56:34 GMT
ntdvn_ezgifcom-gif-maker-2021-07-23t091635670-205x123.jpg
img.ntdvn.com/2021/07/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_ezgifcom-gif-maker-2021-07-23t091635670-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00413cff2499688479afcde77e7d7d7618ff3829973ee1c9326073a4223d3a2

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17199
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10609
last-modified
Fri, 23 Jul 2021 02:16:56 GMT
server
cloudflare
etag
"60fa2698-2971"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v03hdMuBAzLlgZ9%2F%2BhXU3TyW58Lp%2BXytaekqerqIx%2BfurMIoVFGsgAgiYKMtYSEnglgeP2In6xrNDE%2FSudfSWq2%2BxlLZtttiNP795jtHtfcgvPgFAwI7UWNGkrmASFpRjxV%2B%2FQYp9aSTVs7a"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59fc4db8-FRA
expires
Fri, 17 Sep 2021 12:54:59 GMT
ntdvn_screen-shot-2021-08-18-at-15804-pm-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-18-at-15804-pm-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55902772df84c01a942989eb2f7b55e417d68d23d85bf29ab8857e2aafd8718

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34925
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8200
last-modified
Wed, 18 Aug 2021 06:59:20 GMT
server
cloudflare
etag
"611cafc8-2008"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kj061g4jE%2FCChHrfFQuN3QbgGIc5tAu8NexIVsOsAzAwGQDM0tqcGc9FHD%2BzxuLdBg3BAcj%2BrpbENbgxdpmA%2FVuaeKiR2Zkcw3%2BthkVcPDFPoL5swlyDgaEQvt3iEbXebWdrwAmu2c2tI5v3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59fd4db8-FRA
expires
Fri, 17 Sep 2021 07:00:07 GMT
ntdvn_screen-shot-2021-08-17-at-22538-pm-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-17-at-22538-pm-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83e3f88a307d4a148d50afdce2d3d7027183e737ffac14416572ba0c221ca51

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39925
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7920
last-modified
Wed, 18 Aug 2021 06:40:13 GMT
server
cloudflare
etag
"611cab4d-1ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDAgepqclLYVjCD48udB63OT0lCv%2FzdINiTeBUvPkNFvxttl5jWQj8qmMOR6hp2ywDgy%2BxZkwreHIJrVPjGFoN8BmkTdgi0FQ1IQI6mrLrwut%2B%2FKG6At%2BWXy9Y65%2BV9%2BD%2FN3T8XPQMbpY5Dk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface59ff4db8-FRA
expires
Fri, 17 Sep 2021 06:40:58 GMT
ntdvn_ezgifcom-gif-maker-2021-08-18t154657393-205x123.jpg
img.ntdvn.com/2021/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ezgifcom-gif-maker-2021-08-18t154657393-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2acd8e005986f8882db5b12c6cc0f7975a8838c65e3c109f9ea0e9ce04a134

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28826
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4491
last-modified
Wed, 18 Aug 2021 09:04:53 GMT
server
cloudflare
etag
"611ccd35-118b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCVFS%2BihxHBMMPd9orIEmkLuzNfKuKSyZwO9QsbkhMNunV3yea7YtNh9izOLGOFfQ8roSKdFDNwPryzyCOP6Gyd1CU8VGQU%2FZkGeO%2F5O8h5%2B8dtwKEFGQyUE5to3v5ALAoh3x0fJy%2BvFojip"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a004db8-FRA
expires
Fri, 17 Sep 2021 09:20:08 GMT
ntdvn_pjimage-1-4-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pjimage-1-4-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe86c301b83fdd8d6b89b2d2e99992d20d0cd4612f07e15b50fc7b3d2c6f784

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52955
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7003
last-modified
Wed, 18 Aug 2021 02:40:44 GMT
server
cloudflare
etag
"611c732c-1b5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7%2FiVJwh6nhxGmFOfjgiyW3%2F1tgDA7N3loEC%2FeYsmfNDsOhvmME6ZdkDfbN%2BLPPfH%2FI4iyxiuB3w2HKyDFLF7gvpAGutQBbl2FnbqPPa%2BzVN%2BT8NzfNN035YZWqsmlnF%2FAXdwmKCAL0lU1Ns"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a014db8-FRA
expires
Fri, 17 Sep 2021 02:42:02 GMT
ntdvn_ezgifcom-gif-maker-2021-08-17t094421145-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ezgifcom-gif-maker-2021-08-17t094421145-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dded4819704325eafba1a1a2c3bd001f904398471ec56b12acab0529f7d5c05b

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128763
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7573
last-modified
Tue, 17 Aug 2021 02:45:06 GMT
server
cloudflare
etag
"611b22b2-1d95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOECfBoyt5QfQXQkhUhOBcxx6jM4nM8nWKB0zVnV5KE5I1ltqBofO9LCQZPRxGhBt4AlMvowwu51XB%2Bu9kcfJYi0HMY6tLZWYj6qxJit5bp9Y7nbcGXQwOe1gUBd3%2BIV2wA8WKFHSwiCxU0X"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a044db8-FRA
expires
Thu, 16 Sep 2021 05:59:25 GMT
ntdvn_unnamed-4-205x123.jpg
img.ntdvn.com/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_unnamed-4-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f89c155ac1552683b32e9c77a658e8790e44432477c69a60c0a89e19d2b2abe4

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138407
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6189
last-modified
Tue, 17 Aug 2021 02:12:29 GMT
server
cloudflare
etag
"611b1b0d-182d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnvquXVBA2NeuQOLxShuMYSuLVEs3zHo39sSJKJY005i4Rr8Ns7yhwoLPsPXAru0Uoja%2FUuDeh9ZOJoxhMqY8%2FrbmVzNc05hbgFdhdi%2Fko0wkD8seblWmSNv2rC7WgnzgDN%2BR6qGZcxbNgq4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a064db8-FRA
expires
Thu, 16 Sep 2021 02:20:56 GMT
ntdvn_nam-gioi-thieu-khi-huyet-205x123.jpg
img.ntdvn.com/2021/08/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_nam-gioi-thieu-khi-huyet-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96330ab20f65b17d2c15f9299b3ae0519a750931decbd6fec658d7d95aab266

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34925
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3420
last-modified
Wed, 18 Aug 2021 07:54:33 GMT
server
cloudflare
etag
"611cbcb9-d5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyGtXr0UrC7DBfKgJ6qZCukkv6nctgkioXAm8WnVqUDrCn7td0G7FlU8%2FpUpbCiv7W4vBA38sr9ZssIErM%2FhKMHoc%2BxsyUSzSx6sfzmsmvapxhPJo1iIBFUGG2B0vNr5k%2B8LUK6RQyL9NCee"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a084db8-FRA
expires
Fri, 17 Sep 2021 07:55:14 GMT
ntdvn_ngu-trua-205x123.jpg
img.ntdvn.com/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ngu-trua-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177db823d550ebd17c6fb84fa40866d99a5ae072a5074671562b9a5ccbe936a5

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39924
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6377
last-modified
Wed, 18 Aug 2021 06:10:49 GMT
server
cloudflare
etag
"611ca469-18e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TK8MH8eVrYv30CGJmAWUVs3onlbq5qFkUcwRjlGm4yhHHTD6%2FScmpuJWlBCp%2FPX6iqUddH2fhMCdj5zEdEjhYHjA9r5fZHyEd3ScSaBf63e6H%2FyALdAOZ5Eu9FY29rp3mPXNqHBgISZg2vhc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a0a4db8-FRA
expires
Fri, 17 Sep 2021 06:14:05 GMT
ntdvn_ngua-soi-than-205x123.jpg
img.ntdvn.com/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ngua-soi-than-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801130e576fff3b06e0ca9ddc010bab5903c3ca4398a2c50e0f37a81e42ad4af

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120173
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6485
last-modified
Tue, 17 Aug 2021 08:18:01 GMT
server
cloudflare
etag
"611b70b9-1955"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2jB%2BfQ1mXAwt8%2F3F34XUzFW%2Fa42hqsrQRP99S55zNmc2zwfiib5OgmCXCXFjq4PUqcCTKG09ZWo0BeVfg619TmRFrDiOerhLwVDv6kVS08DW%2FuPVAtFC%2FWu7eKItzu%2FNsmQC2S%2FtN44XAKd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a0f4db8-FRA
expires
Thu, 16 Sep 2021 08:19:44 GMT
ntdvn_ve-sinh-rang-mien-205x123.jpg
img.ntdvn.com/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ve-sinh-rang-mien-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eedf3921b6e248fbebcea1cd6528b321788dc87c8d45cd24be5bd6ae0481780f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126189
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4858
last-modified
Tue, 17 Aug 2021 06:38:33 GMT
server
cloudflare
etag
"611b5969-12fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUmM97okwM9iQdcovrBX5XlhnsGRp%2Bon8yCHYTMfBWV%2BGjit4%2BHkoPNFZrClykGl8wp1fIh5hQksTrQeMOerFTU5AcTy1UqLiElDu63ReMrrCm7fsDBWfRyYTgojIkO2BPKizC16Yf%2BhyQgE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a104db8-FRA
expires
Thu, 16 Sep 2021 06:40:16 GMT
China-city-205x123.jpg
img.ntdvn.com/2019/12/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2019/12/China-city-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51d6c3e2b21860845aa23c313e630413983972bdfda350f16b4899f695572ee

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
706473
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6246
last-modified
Sat, 07 Mar 2020 22:48:10 GMT
server
cloudflare
etag
"5e6424aa-1866"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfsnrTBAnGWCmTW4zaSfsGHrrugpS4sIm%2FE1hlIIm4eeaHPX1EVyOkuG2Bic7%2FZfIyflHaYJuvDesVyoyDP06zM88xI%2Fqbs2HhJHCHOKma3%2FOqHObzjwbH7PMQfP%2B0pkiRE%2BWBVNJHwPx8E9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a114db8-FRA
expires
Thu, 09 Sep 2021 13:35:02 GMT
ntdvn_pjimage-42-205x123.jpg
img.ntdvn.com/2021/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/03/ntdvn_pjimage-42-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a313c78a8bd0809b168e8a4968d71fb46814051510b5b140edabaf5ec25749e9

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373884
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8028
last-modified
Tue, 09 Mar 2021 11:06:00 GMT
server
cloudflare
etag
"60475698-1f5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqG5ewaOhf%2F6Y%2BRZl3pGim3yjh5ezcFtNNO4WJ9qQVkE5yVQoUis18NHbmcTqnaRyggdb7EA%2FAZI8QbD8b%2BjEzwbUQTT8LY17Q%2FqJPBdSV8KWNkWE79gRqKPwZo5ZEh%2FeKZ4zskrAGC4gXUE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a124db8-FRA
expires
Sat, 21 Aug 2021 06:07:25 GMT
ntdvn_gettyimages-481389832-594x594-1-205x123.jpg
img.ntdvn.com/2021/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/02/ntdvn_gettyimages-481389832-594x594-1-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba074a4b6f4560c725b2b2bba85ffdcd116d12743dd443686b6ea3a4747fa397

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373884
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9786
last-modified
Thu, 18 Feb 2021 07:50:37 GMT
server
cloudflare
etag
"602e1c4d-263a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYORmn%2BQjConcmw7oonwOQlJpe4vX1xtYrAUTc6o1sASKL4mWeENFFxme87D6eCJOixtEHQszhswW82SNmIlmq7uLcVNxapdiXisRNERboM5UlsHcdnx3lbxxvX%2BRgIIKQs0O9CL9TWUpBkU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a134db8-FRA
expires
Fri, 20 Aug 2021 23:47:51 GMT
ntdvn_khung-hoang-205x123.jpg
img.ntdvn.com/2020/07/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/07/ntdvn_khung-hoang-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc93e38bc18f1e34d552ab84de1c13ef1f081ef7dc5a981e2d140f721f07d5f8

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373884
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10179
last-modified
Sun, 19 Jul 2020 02:27:50 GMT
server
cloudflare
etag
"5f13afa6-27c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peq3mB9%2Fst0enqJtA%2BLVgRjN%2FHq6RImakbzdtYLZBbfyYdH7o2Awe2WebWMLAs5ycj%2FYxDI9bcV8frqWV%2FSNcPQ%2FXujTLUazKo8VBWgiukW7xiWpgrUeRm4Ahev7ZdrEDIcxMbKAI%2FhEpzJZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a174db8-FRA
expires
Fri, 23 Jul 2021 06:04:53 GMT
ntdvn_maxresdefault-13-205x123.jpeg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-13-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57ea97ad579429d53379a7524d7605380d9f65596bccec1ef2143418e879ed8

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
964396
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8383
last-modified
Sat, 07 Aug 2021 13:45:16 GMT
server
cloudflare
etag
"610e8e6c-20bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlJaza8KB1hncVHlF0S79jWj62DL3UZDxl5VWNNPXQ3n2roiZvVY8T5BVh%2FNu6K1IIZtIwRNpy0rFZhcjr913orhlzGi8uEGCb%2BZ6CtgCIzFFBJRCEHyS2ZIpJ4x2jhIZO3CVWs1R2YSaXGB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a184db8-FRA
expires
Mon, 06 Sep 2021 13:46:42 GMT
ntdvn_maxresdefault-11-205x123.jpeg
img.ntdvn.com/2021/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-11-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb6f911e211ba9bc3e2b0d874a252037e11ad2733fa853af437b0061fe99771c

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
974193
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8010
last-modified
Sat, 07 Aug 2021 10:16:09 GMT
server
cloudflare
etag
"610e5d69-1f4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJHSbbY1ptddD%2BCq40AGSVKbGHGpdknc1ONLA%2BowvDLouCn5xvJ8WMmWLOphqy%2FVi3DWKWK5DDwLEh8D%2B%2FmWt3fLHgjJsd7J7LXRt3NEoDMJo8ZwfBG9jU2eBJfQIt6SqxjbsDmxtIndUq2s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a1b4db8-FRA
expires
Mon, 06 Sep 2021 10:17:00 GMT
ntdvn_maxresdefault-10-205x123.jpeg
img.ntdvn.com/2021/08/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-10-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6432ce6596eeb892678c4bec3178fb62726458c66f9d848017aa0210a83641dc

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1068365
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10317
last-modified
Fri, 06 Aug 2021 08:48:51 GMT
server
cloudflare
etag
"610cf773-284d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrMCurXkAtVy07FdmCvDOT%2BMJ4U9t8IdHDFtqJDRlwgPvoPMrETnWjMxrWn%2FugjtSVApLggE%2FdzrfU2cBNA8y0dBIFC6FFVIrlL75AWc4XKbtNfgIAKHFjkNYqthpsCfS%2Fy7Ug2lgh8nkHcE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a204db8-FRA
expires
Sun, 05 Sep 2021 08:49:19 GMT
ntdvn_maxresdefault-9-205x123.jpeg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-9-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36fadd1ad89a073e345baae2a7a4732f3a37739b7e711b8baf7b81ba93c0a60

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1137178
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9283
last-modified
Thu, 05 Aug 2021 13:49:55 GMT
server
cloudflare
etag
"610bec83-2443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaLUWZEMAkfmoNoxe78%2F2zod4HXhW0%2FZR3i60PSBMsEwXScfNpc1sw7fvGW8PYirsD6vMVwtgFaLdoD8Rg9cXvka8ysMGgqhm8Gn5E2WfBBevPh3MYOZ2xewGq01XLYgDQIKD0V0dubin7Ob"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a214db8-FRA
expires
Sat, 04 Sep 2021 13:50:34 GMT
ntdvn_joe-biden-roi-tri-ke-thu-my-ha-he-550x330.jpg
img.ntdvn.com/2021/08/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_joe-biden-roi-tri-ke-thu-my-ha-he-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5891167d980572dafa9a467f80a71e939cc7c0ba128e0faa7d839bd918df62

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12588
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
31749
last-modified
Wed, 18 Aug 2021 11:53:12 GMT
server
cloudflare
etag
"611cf4a8-7c05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHXzVuT%2FZVNtZmyHbNmuTn8hn%2FOkhu%2Fy6Tp8UhDGtBqpw2YLpEy3DJWfHjvhatGiSGFrAHL2srBian9qgSFc0J1w7ygvxqZ59YPVSqxHZofOohJZBkoc%2FhHtRoCpSDiy0aKajuedzXyr0YFJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a224db8-FRA
expires
Fri, 17 Sep 2021 13:59:03 GMT
ntdvn_tiem-vac-xin-covid-19-ha-noi-550x330.jpg
img.ntdvn.com/2021/08/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_tiem-vac-xin-covid-19-ha-noi-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4bd2b568f7e3e1cf697e49f4ffb3c32d6a397b0e913dc8d15d91a30fd0c3de

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18181
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45090
last-modified
Wed, 18 Aug 2021 11:04:17 GMT
server
cloudflare
etag
"611ce931-b022"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIixDGwl7T%2Fwd06Vu684kk00HJSA7yaIEBycAtqfsmmz%2B7HkTmSO7eQxsgAbNtyPK8RnmlOeD1hrxVP7RkFHZmWoYFBOhgfvtA1kJN%2B%2B9Ooy1veuTudGX6Jv8EhW9nYWKhWa8LGpfmHks1d%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a244db8-FRA
expires
Fri, 17 Sep 2021 11:58:07 GMT
ntdvn_sai-gon-falling-550x330.jpg
img.ntdvn.com/2021/08/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_sai-gon-falling-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10ba41e037808267a5baa01e798106fcf61b55467377160511b7126ac14b5ba

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28203
last-modified
Sun, 15 Aug 2021 10:56:10 GMT
server
cloudflare
etag
"6118f2ca-6e2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJwEt5J76Q3h%2BEJPLB0KHoP8xa35W%2Be%2BZ1jjy3qUlAwbJE1IJTohYRD%2FOmUtCp1k2v9pb7g1lwb3Um4GnneyTJ3LbNQ3dhgV9kazFuSBV1C0UeklrJuNmhQfDrPlLEFIcSlEDUkQyby9mUEF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a254db8-FRA
expires
Fri, 17 Sep 2021 10:42:57 GMT
ntdvn_487a9595-1baf-44f2-a3c7-ae7fa252fb13-550x330.jpg
img.ntdvn.com/2020/09/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/09/ntdvn_487a9595-1baf-44f2-a3c7-ae7fa252fb13-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2ad03382ac1deeb0563daff928186221ad31b8b18973707002086012050ac1

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61023
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17154
last-modified
Sat, 12 Sep 2020 04:26:44 GMT
server
cloudflare
etag
"5f5c4e04-4302"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S0cef0FcDYzKO1SAlc0fiHQG7fVH3LiaekJyvYksNsMphqa13VIjJ4%2FA8KXDVhGeO28KishfvFPHY39shGkFRzBfKdw9kyi2GX4xCRfBgK5qPVsA2uZRS5V9DzVEz10D80YOmy10WtY%2Bk2Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a264db8-FRA
expires
Fri, 17 Sep 2021 00:36:37 GMT
ntdvn_210817-b02-550x330.jpg
img.ntdvn.com/2021/08/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_210817-b02-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14cb04a1c972e433dfbcf95a767ff96cc242162a867ef6f5ec371f0f335b5f1

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145472
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38857
last-modified
Tue, 17 Aug 2021 00:14:30 GMT
server
cloudflare
etag
"611aff66-97c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lp9DSweR8Vw1nUVxOqn9oU7Vv1g3F68%2FsABAmG2%2FUmqPEz2JzLj0ZAonnpb4Zyw7AhzZoBv63Jdk1nTp2MccbMuzdUCck2qe5wezyniRbbctfDRAEwfz7SgJrshzjQ2i9jhJawour1OqIbUR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a294db8-FRA
expires
Thu, 16 Sep 2021 00:14:32 GMT
white.png
www.ntdvn.com/assets/news/images/ 		95 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntdvn.com/assets/news/images/white.png
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:path
/assets/news/images/white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ntdvn.com
referer
https://www.ntdvn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
724979
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
95
last-modified
Thu, 03 Oct 2019 15:38:41 GMT
server
cloudflare
etag
"5d961601-5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q84nDHZKW0%2FV%2B6gWQi95JWR%2BKQm2MyD5XWqzd7cIumCeOQFqR5GdLRIfJ8%2BmYw%2BHJ61f93B7B%2F7cFS20fKaC4PD0jJquKzGBxTlbzMOOTgoUgV%2FQpRqFanCR2DIxBcLGUo1oRnW8iHeJZSFZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface399d4db8-FRA
expires
Fri, 03 Sep 2021 12:56:23 GMT
election_banner_2020.jpg
www.ntdvn.com/assets/news/election2020/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntdvn.com/assets/news/election2020/election_banner_2020.jpg?v=1
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a433847bde5e554fce0a610ec8e3c4c4b8ab505cd3cb6823975bb976abdf801e

Request headers

:path
/assets/news/election2020/election_banner_2020.jpg?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ntdvn.com
referer
https://www.ntdvn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373884
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
51345
last-modified
Mon, 14 Sep 2020 02:54:38 GMT
server
cloudflare
etag
"5f5edb6e-c891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vgu4cWwps61kYjoIETohM53PmyKrgdP%2BU5%2BcnU94oiyTxSzB7XHGJ4rGwSm7H5yLRRsKsoGiT32ejL7QKoVcp4SGGKsJ8Yr75Zw59lzkZ4Ez0XMOWH3geGi205I5RTP8rtoaxVKolDGQgyGk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface49ad4db8-FRA
expires
Fri, 20 Aug 2021 19:50:54 GMT
corona-banner.jpg
www.ntdvn.com/assets/news/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntdvn.com/assets/news/images/corona-banner.jpg?v=1
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8754747636ade2217fed2f96eda7fbba464c91f5eb3eaf8a83376186247212ed

Request headers

:path
/assets/news/images/corona-banner.jpg?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ntdvn.com
referer
https://www.ntdvn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2354469
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27083
last-modified
Mon, 18 Jan 2021 09:08:28 GMT
server
cloudflare
etag
"6005500c-69cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioqkR6bS%2BJXaW5Y8PMoqobIBGKpPljz2KDDvYPRGbEiKQgXIJmhIuYuXxaSK8a3083Jy88vEBeWmLT%2BewENHAVtZt5sqR1Z3da98nAdWDhYn%2FnOLs1ajAf1KhSoo9eKy2SnOnPEkXgRw9sD5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface49af4db8-FRA
expires
Sat, 31 Jul 2021 18:01:25 GMT
week-38_AC-small.jpg
www.ntdvn.com/assets/news/images/premium/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntdvn.com/assets/news/images/premium/week-38_AC-small.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8011ab6a5dee450379c6aebe54988321ddee435d63026846cbbce702ee317d6e

Request headers

:path
/assets/news/images/premium/week-38_AC-small.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ntdvn.com
referer
https://www.ntdvn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2354469
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
51751
last-modified
Sat, 07 Mar 2020 21:29:48 GMT
server
cloudflare
etag
"5e64124c-ca27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzN2HCfz5kY5H9ymq4l7XXhjlOs40vEnHjm5Ca7k5oNhqWmgsD0XzrEx0Dj1jJInrpqsKGrA397HlTDnf2sxO7rPPy5CekmV0UKPqL6xOkuuVotYTIKBipAfvesANFkpn%2FpmN9RZlh2LHHBe"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface49b04db8-FRA
expires
Sat, 21 Aug 2021 11:48:27 GMT
newspaper_example.jpeg
www.ntdvn.com/assets/news/images/premium/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntdvn.com/assets/news/images/premium/newspaper_example.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba22e6bca589196ae649c773967e97e99a580bf8f5166db28d4bb90393b50d8d

Request headers

:path
/assets/news/images/premium/newspaper_example.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ntdvn.com
referer
https://www.ntdvn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2354469
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
42295
last-modified
Thu, 03 Oct 2019 15:38:41 GMT
server
cloudflare
etag
"5d961601-a537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHz5kyNi%2FMsc6%2FLXDFORfzXItLw%2BoUvq%2BYrB2o3CtSaXKA97f9pOt7yR8wT5FhiQPN4LagTzMiZIU5p8MeDCVEqOxviZRRGPS%2FKRph15S%2B742JmSHZIVNDP4FBb%2Fg1PBOGdGWDC%2FM9v6b4wP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface49b44db8-FRA
expires
Sat, 21 Aug 2021 11:48:27 GMT
newspaper_sample.png
www.ntdvn.com/assets/news/images/premium/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntdvn.com/assets/news/images/premium/newspaper_sample.png
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cbbed1745f6608abd3b19784d7204f5309de11fc4a0ad57d8f297b61d7ce6b

Request headers

:path
/assets/news/images/premium/newspaper_sample.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ntdvn.com
referer
https://www.ntdvn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2340568
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26450
last-modified
Sat, 07 Mar 2020 21:30:09 GMT
server
cloudflare
etag
"5e641261-6752"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2F%2FI3dCLVpp33VBiIx%2FSXcZdzwFjfY%2FkkrHUR%2BEnYFfXETVjYTkD64yCjl3rxSo0JvFd%2FSW0CMXpJrJj2I0PCe6uwJf%2FG8GDQyqjbYXDDFwK63O3yh2smtdDamGiaroUV2WLeAaTaYrQQviW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface49b84db8-FRA
expires
Sat, 21 Aug 2021 15:40:08 GMT
ntdvn_screen-shot-2021-08-18-at-53858-pm-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-18-at-53858-pm-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
314eef6eac81bc65ab4191f7600268b8f30e50b1bfbc984086fc6125b3a1a0db

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24143
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9213
last-modified
Wed, 18 Aug 2021 10:39:22 GMT
server
cloudflare
etag
"611ce35a-23fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89mzmqL%2FjQ0Qaklny1C7FAX285t4vWuaUUs1qTJBmSULYAAZW5%2Bc1tzp2kpbhDXBziP9tmG1Op75ythDkhuqlIl56WApuuY5pRW0hZrjVCk7Ft8X9ZR%2FqzAcRegzP9sHX1DV1gwqJAXQE%2FPb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a2c4db8-FRA
expires
Fri, 17 Sep 2021 10:55:24 GMT
ntdvn_sai-gon-falling-205x123.jpg
img.ntdvn.com/2021/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_sai-gon-falling-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac4ae4a0f2fb1f7c2d113a2a0e5f4a11fe716ec872fabd173090e155533bb37

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4413
last-modified
Sun, 15 Aug 2021 10:56:10 GMT
server
cloudflare
etag
"6118f2ca-113d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks%2BBpV%2FuKhogy6v6mcOPI9FM83qOG0miqpmv7viZR0PCSl54NQIAmsg%2B1U4BItqI2P2yCuJfoVMHZs4tt%2BfWe2QiaM5OtjVQcK2NoVE6lUN3T9q%2F53kAuV2ISEbJ4LVK9VGTbGC0rlBei1pb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a2e4db8-FRA
expires
Fri, 17 Sep 2021 10:43:02 GMT
ntdvn_afghanistan-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_afghanistan-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f810990ae9c4ccaf7d64b6897d11ab5911736c9b8c77a12e5b5d47c88661ed

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32689
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7681
last-modified
Wed, 18 Aug 2021 08:07:31 GMT
server
cloudflare
etag
"611cbfc3-1e01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZSCHHZ50Ee9mr4HtYe5nC14CUNqnfFGGsq3unenheM4h2Q36nkHAhzx8luQOobNQLyS94EQdkwyO%2FFimqY2mbRkgsW%2FAlTS%2Bk33Tkt1lxNQ7eRtmDzSYjDq1JeCgHQH6Gi%2F97pphOEwdOTR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a2f4db8-FRA
expires
Fri, 17 Sep 2021 08:22:03 GMT
ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b6e8b439d9c4b41a763b791e79e1556943a0f5bdb4181ed704841c8fc043ff

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34925
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8419
last-modified
Sun, 08 Aug 2021 07:34:30 GMT
server
cloudflare
etag
"610f8906-20e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKu4I7hzQLdTH7mNWNIv1QrYXsBaIezpw9I29UiSr%2FkyhnM0B6avYi9zihZgA8XzDvQZ9VP7SppTTSmgqk0rw4wqeLQmbFZ%2B23gQr8P9YwdUdHK%2F3JcKm0WsVLIETlGm8mzDj3nEAqIpFvQ3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a304db8-FRA
expires
Fri, 17 Sep 2021 07:37:57 GMT
ntdvn_benh-vien-pham-ngoc-thach-tphcm-205x123.jpg
img.ntdvn.com/2021/06/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/06/ntdvn_benh-vien-pham-ngoc-thach-tphcm-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4198cf4a08877bf2535ce9b8cfeab7c965904e326756706b4be8b46354e010

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34926
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10956
last-modified
Tue, 22 Jun 2021 12:24:05 GMT
server
cloudflare
etag
"60d1d665-2acc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS0MLN03NCpwBTrkKdjGFCJ%2F1SzDgB5JFxl%2Fzxhtu%2B2qOQNhA5e%2FhrunRYwbHZFj87jApXGgXyxtUurdkM0GXxAGENwbwWExFla%2B4WtzvLUaYEnqEQdWup%2FSve6njhUUpGPTTp8hBPOr2%2FL9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a344db8-FRA
expires
Fri, 17 Sep 2021 07:25:35 GMT
ntdvn_gettyimages-1230850511-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_gettyimages-1230850511-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1301c8f30023f371f477ce1fa04baa572e040af5cdf123b9b7a59ae7536e2a26

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34926
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6956
last-modified
Wed, 18 Aug 2021 07:01:51 GMT
server
cloudflare
etag
"611cb05f-1b2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVZT0kkY7z%2FBNkkFm8sclPRcnyDy0BgXA%2BrEK6y44%2BI4YyU2M49jOwQH4brCbkw2YmX7ZwGPlPGtw5VwoS%2F%2FEHDQ3%2FHgcEJCfMfBNQsk2Fg7%2Fcqemmmdc1SMvrIlw6DeEcj7CkNVWXVcRCEo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a364db8-FRA
expires
Fri, 17 Sep 2021 07:21:14 GMT
ntdvn_tex-205x123.jpg
img.ntdvn.com/2021/05/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/05/ntdvn_tex-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee2f22b84a7ea04898e65db094c2d9974c855eea2bde9007e52a418bf69a884

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39924
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6065
last-modified
Mon, 03 May 2021 23:10:28 GMT
server
cloudflare
etag
"609082e4-17b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTuq7GBgbM1gFhPv157cXow2kVp0H1gw7NMhZSr7T4LdLjT3D7et0GiGrugaZ4F8lpDHv6n0r87cA9OhHx7PCAd%2FrDV8L8ZcmMls9CIgtViDNOJBEDxBryEBGdvy8%2BIgPTvv9L%2FqauCWTXFM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a374db8-FRA
expires
Fri, 17 Sep 2021 06:25:28 GMT
ntdvn_tran-hung-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_tran-hung-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0bbb51565e7cd478b237452e01ba0ee1325cf0c6c3b27e3df149a446ce3d8e7

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42078
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8639
last-modified
Wed, 18 Aug 2021 05:23:21 GMT
server
cloudflare
etag
"611c9949-21bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxCMzpShrNqrAkz0ubpla0HcEzG%2F4MZ93FhHIIA%2FwnmA9uewiSYiYva8BJeDXmoO1oQ2s23hz6K0wsvEOuURMpKUxM0v9jLoKdGk9njRSjSlhBdVUqw0%2BzDF2feUbD8qbcVPhpYbaqAwY0UG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a394db8-FRA
expires
Fri, 17 Sep 2021 06:05:50 GMT
ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-17-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_untitled-3-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-recovered-17-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f288547da69e9bb62ad55c183d04ea58d4e09bd0c1112af6a05ccbe21138fe

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42423
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9697
last-modified
Wed, 18 Aug 2021 05:38:43 GMT
server
cloudflare
etag
"611c9ce3-25e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erDHnXaht8xTOpSEz9OQhWxpCfpROY1dUr9bz4RZN3%2B4N5BRqH7QqCTYBjO%2FQkmSo7kqZfIoejANXi28GsW1gTrlHjcPDYhJUITPya%2FFgxZJPt1lz9j73gonuY3syjXBcQZ9JP6iUtrucvgb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a3c4db8-FRA
expires
Fri, 17 Sep 2021 05:52:27 GMT
ntdvn_screenshot-2021-08-18-121218-205x123.jpg
img.ntdvn.com/2021/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screenshot-2021-08-18-121218-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228e124c882a829bd3011cf1e3a2c4df69ed58ab5568135903870f3363a0b382

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43861
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4376
last-modified
Wed, 18 Aug 2021 05:13:11 GMT
server
cloudflare
etag
"611c96e7-1118"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQ8eZNTeco%2FnmDgZew5U5W6%2By22LXV0vRZM2XID2SlYmmq9i6AeDgQgCz2p4PaQqDCGYvd43FB2ddozQJpAWjhQlEtwIpMMAqUJDCD9QOLwrxJwOOwvdl4fNcekyTHe52jRoeOX3s5tBibqi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a3e4db8-FRA
expires
Fri, 17 Sep 2021 05:21:36 GMT
ntdvn_covid-19-viet-nam-lay-lan-205x123.jpg
img.ntdvn.com/2021/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/05/ntdvn_covid-19-viet-nam-lay-lan-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6f0d796ca706140d25f4564c32a28623f666560a7f047a3aa0639ccf32ef9d

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50320
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4512
last-modified
Thu, 13 May 2021 10:15:55 GMT
server
cloudflare
etag
"609cfc5b-11a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqe73hZypCon0xzZLU5cymqzuCh6nXOUHx12hSgct5%2FoLtCxvfhwOLkD7d0jYYlVRWKpVTCSetP6Kf22xbG6in4lgjOaem0TmWzTV9yu9QXzN5%2F0BVjShjpomvT%2BcBdFQp02RucNfsmUtKOP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a404db8-FRA
expires
Fri, 17 Sep 2021 03:31:25 GMT
ntdvn_screen-shot-2021-08-18-at-102400-am-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-18-at-102400-am-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e90bafa11e4fee5a8207325b1182d2ac132ba89b0e9c23f04445b782e11e6a83

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50320
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9157
last-modified
Wed, 18 Aug 2021 03:24:31 GMT
server
cloudflare
etag
"611c7d6f-23c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f68uxZyhMRA0ZOTd8f%2FqjfH5GH7KN8s%2BU7DoyIryH%2BFpuCzjplM4AlGm%2FER%2F5EKUOSl0xeTD4iECLEwVh1GqPRtFLSsTJTCCjVastTBWSpnojSOJUx7kPegM%2BoGpPoC2HSkmK1XtjpM4sp1g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a414db8-FRA
expires
Fri, 17 Sep 2021 03:27:24 GMT
ntdvn_pjimage-2021-08-02t073102280-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pjimage-2021-08-02t073102280-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ee9a3aebbb8539c143c7b20f348c542f70b9776c612d31dc056c36bd464d8f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1440339
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7166
last-modified
Mon, 02 Aug 2021 00:31:21 GMT
server
cloudflare
etag
"61073cd9-1bfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMC5XOU%2FLSX55clrRmmpP8UZgN5qXR2UAxRfpX7sNYF5yx1JQnNiH1poRZd9NvwAUtQ61u%2B9EydH2ybyFRX%2FGKzTxLMeAEjQbvkqu4lQKZmvJJc8BVRnhm6UQWDgU3PbYsqV%2FOJBBqAxJFSs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a424db8-FRA
expires
Wed, 01 Sep 2021 00:49:54 GMT
ntdvn_screen-shot-2021-08-14-at-104102-205x123.jpg
img.ntdvn.com/2021/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-14-at-104102-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4236b6cc84920f8d5cf223c9134b9aed1c77e0c6711c5086a3a35ea65a05394a

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394545
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9795
last-modified
Sat, 14 Aug 2021 03:44:10 GMT
server
cloudflare
etag
"61173c0a-2643"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV9JRsa0OfTxtlUV4xhwMB1iWN7pS515XwMMnnFDH1Xm3726ebA%2BLI%2BurZ%2FuBeVUELaEGIMvRjMPrvcMrInE8L8fP1y3F0G52jA36ZKjydiSniih4cQ%2FXJ%2FcCjxK7ZTfu%2FeExDPHMYot5jgZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a444db8-FRA
expires
Mon, 13 Sep 2021 03:50:22 GMT
ntdvn_1-6-205x123.jpeg
img.ntdvn.com/2021/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_1-6-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97184116fd01e7e2c8545e8509fa9a9c4553ac12fd3afb066422fb184f6a056f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
986264
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8708
last-modified
Sat, 07 Aug 2021 07:31:06 GMT
server
cloudflare
etag
"610e36ba-2204"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=907ge0DjqiTvS7Dr5WoNUHn%2BuA7ty6BOD70BdeJqlcZXkcd%2BGaWrHLHhOAOejAYzOCaPjDRblkr3piVAAE%2Bg0epUlHh2lrmJ4Ir4xplnp8rKEzOAGlx88zAdgj9s0iVKPGffLrhjLvKzDEz1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a484db8-FRA
expires
Mon, 06 Sep 2021 07:49:43 GMT
ntdvn_mermaid-in-israel-205x123.jpg
img.ntdvn.com/2021/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_mermaid-in-israel-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea95d1c32d3a592e1a42a640a117feb51856b48d83ac51a8457733ba3209cee

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2555635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4700
last-modified
Tue, 20 Jul 2021 02:32:32 GMT
server
cloudflare
etag
"60f635c0-125c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVVTJIo36lgbRlq8lr%2FqWURy3df21aBSLVAhJSvrmXAmaxphpA6uci%2BgCghPi8iZ55EvBMjXX1lPyMtwK5wmAhQ90hI9Dq6nluThIIA%2BFWmyFSlcA3DHXQw19Yw1IrbFAstmcZVccosX3GfJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface5a4a4db8-FRA
expires
Thu, 19 Aug 2021 02:49:01 GMT
ntdvn_mary-205x123.jpg
img.ntdvn.com/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_mary-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15986027efbcc2bc0d5c0962cfa6180c5484223ba4398a347f8c9bd1180c5376

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221389
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7341
last-modified
Wed, 21 Jul 2021 06:40:10 GMT
server
cloudflare
etag
"60f7c14a-1cad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCiSdIkSltplx8peUyayBva73h5O%2FTEdnw%2FdCQld9w2DNZkiFnh4ZnbwicvCBrOMTm6zMVjBXxWtr5hJP9L9%2FIQqbQbnqM%2FG0kwsNz%2FB0d5EcWuIHOorFaV33FmyHV%2F1tuc9nLCvesSlQxI%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a4e4db8-FRA
expires
Sun, 22 Aug 2021 21:41:47 GMT
ntdvn_duong-ham-kinh-quang-205x123.jpg
img.ntdvn.com/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_duong-ham-kinh-quang-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c96cfa757ad3995a799857326d1dce5d543f8e26f50bfdf49d714b964ff04dc

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278237
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7679
last-modified
Fri, 23 Jul 2021 08:19:35 GMT
server
cloudflare
etag
"60fa7b97-1dff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIYL8KExDXWw6Sxrm1YiCkS3t1LIAUyGMZ2CL%2B%2Ffz2ZbXYrLz4ApzfANov9aYZ0k6RSxu98H0hxnoNy8v9NZ%2BheTtdZ4RobPgsFt%2Bv3CYI%2FqsMMwYd3xtaI%2Bvw2Snca%2BAwKwlyBvipYmO3he"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a504db8-FRA
expires
Sun, 22 Aug 2021 08:31:29 GMT
ntdvn_pjimage-26-205x123.jpeg
img.ntdvn.com/2021/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pjimage-26-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da22ba07444d4be9e1573e45347baca9d8276b75e401ca5d6e2942111e208dc

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
548242
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7371
last-modified
Thu, 12 Aug 2021 09:08:15 GMT
server
cloudflare
etag
"6114e4ff-1ccb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPwO3lGM8eqHlXh8tXUcFsCULWqgH20HvFxzf3%2FgNJgZxtA08yyI%2BnXx4HhlHim%2BvwJv5aO9M2hZ9cNOd3ewp7bmUhA1GtxkVgbQ4%2FM5dZ4QY3v0n9jhFMOEWQLv435Ej%2B8MS7Rstl4M6duu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a524db8-FRA
expires
Sat, 11 Sep 2021 09:14:05 GMT
ntdvn_police-dog-cpr-1-205x123.jpg
img.ntdvn.com/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_police-dog-cpr-1-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b2a2588c1b746015dc476bb9f03e95f484cf5d04c08da91aacc5d93ed3445d

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1761771
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7190
last-modified
Thu, 29 Jul 2021 08:14:33 GMT
server
cloudflare
etag
"61026369-1c16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nw4gP%2Bnddur2cb4Vty3EVyjlJNYiJKu65PzFNidyzxOmUT%2BTrL%2FO5FOS3iKqWuRgg0rWVuw2clFqMcjegexxQtgWqBHap1OjX4J0ZvyWBLklCJ9%2BaKuGeyXUGP2Q9dCR5coyvIkZxSqIHx27"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a554db8-FRA
expires
Sat, 28 Aug 2021 08:16:00 GMT
ntdvn_cau-be-sao-hoa-205x123.jpg
img.ntdvn.com/2020/11/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/11/ntdvn_cau-be-sao-hoa-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c92cef10bdc1690b2323e472ba8987568a95e8a5e7443c80de18ea03948167

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393936
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6591
last-modified
Fri, 06 Nov 2020 16:12:05 GMT
server
cloudflare
etag
"5fa575d5-19bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWSMFwZa%2FcYtUtQY09MTYRXT1DyNGVU4yVZ62xb5QT%2Bjx1mY2RxOthSTNcJL2MBqMdSeIF1H50BDYYXeF2vybxHAanF466nrciXTb58uiF%2FqBWwDbjpkpWtvBTGx8fbxN%2B2v8YHus9h%2BVQQZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a564db8-FRA
expires
Sun, 12 Sep 2021 19:34:14 GMT
ntdvn_canada-goose-205x123.jpg
img.ntdvn.com/2021/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_canada-goose-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12449dc369d5084b5b444ee02cf9b8db456acb6533597241f08479cda054c44a

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2551205
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7764
last-modified
Tue, 20 Jul 2021 05:02:47 GMT
server
cloudflare
etag
"60f658f7-1e54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrS9%2BxN%2B6LjSGuAj3JJxVKjurrQ7CrOsQZN2RGpeB8Htrq8icm7y0lWiHhmzGgqcVzcmBEHaue8t4H2%2BIlSFodEv9sNcKXE239w04Xu4jGYtwMTC2Iz32pQd%2F5CruyzC7LbBdfLvJINAneL%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a584db8-FRA
expires
Thu, 19 Aug 2021 05:04:03 GMT
ntdvn_cay-cau-kien-205x123.jpg
img.ntdvn.com/2021/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_cay-cau-kien-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118877f98267b7f0b77a73f3ae24d9a21da2ae725adc3617bbc1c5de2069ad74

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2360887
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6158
last-modified
Thu, 22 Jul 2021 09:13:27 GMT
server
cloudflare
etag
"60f936b7-180e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gELx4klLUzd7gyVJ31S44EMZP%2BqnxXHDPxyR5fcez40lhZeM6AjCrgPL7n%2FqMJXIypXsaYPuQSxiK7mCYD0snd2veOSAPv1F3YjFamAvzBsbk7MDe6CNGu4kGl3As27t0faPaw28EOV58vd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a594db8-FRA
expires
Sat, 21 Aug 2021 10:01:29 GMT
ntdvn_baby-naomi-web-879-1200x720-1-205x123.jpg
img.ntdvn.com/2021/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/06/ntdvn_baby-naomi-web-879-1200x720-1-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38ba34476a59b03523186b174fef5fee66fa70e841b04d2b3e30f68151ae104

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
906781
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6011
last-modified
Fri, 18 Jun 2021 01:41:27 GMT
server
cloudflare
etag
"60cbf9c7-177b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEUl82278o4y3%2FwNy3Vu6YWHENp5GHcr601c0ALULraxYacFgs5VHjzWyf%2FB9MAf%2FtBCAQGk7aIiV80h83DgV8U0njzmxn9fPgR%2FgqyAdAAsVjjmvNraGSO5vqm4otv3Pp8TGH7VqE1zhNSX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a5a4db8-FRA
expires
Tue, 07 Sep 2021 05:23:48 GMT
ntdvn_pjimage-1-1-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pjimage-1-1-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c03fd122c538755a0ba5693489f43c678f528ae52231c46f39757c375d2509

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1338493
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7033
last-modified
Tue, 03 Aug 2021 05:49:04 GMT
server
cloudflare
etag
"6108d8d0-1b79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B99vvHXkA2JT2avZCFvLI8%2BUDwlP%2FdSjsA4K2ctbPm138xt6Wn7qgxiaKAgK5ZH3AHmB0dp%2B9q02z1676LRr4MwlfZq56tKZeLttW87PR2V9mJ8fGf4uSv8%2FiFoV3sD6hDzz74FWwcm2BTfQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a5c4db8-FRA
expires
Thu, 02 Sep 2021 05:55:12 GMT
ntdvn_gettyimages-1171981007-205x123.jpg
img.ntdvn.com/2021/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/05/ntdvn_gettyimages-1171981007-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec9c46d8ae4ec8855206f142ab0bc501b765a5fb254accd3fc65e9553014446

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1222978
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7052
last-modified
Tue, 18 May 2021 09:07:01 GMT
server
cloudflare
etag
"60a383b5-1b8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhJsOuj51ZQXwqQKKOsKGVXZ%2FK5Qjz8pqj5VLhZVkbu9knqXxafzG3agNZ984BeiHZFyOSpSNdJ1jwKOz1VyyIdq7QMPmTbfX%2BlRlpM2oI7vWrDj89sGzNLy6Jg2kWdSbQVj1%2FIlbGcYHXyg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a5d4db8-FRA
expires
Fri, 03 Sep 2021 13:57:50 GMT
ntdvn_tasha-tudor-205x123.jpg
img.ntdvn.com/2021/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_tasha-tudor-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ecdad75d8d33cec7ac13c8b0b764124e8734219f27477e8ffa65505afd24ad

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2202377
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8705
last-modified
Sat, 24 Jul 2021 05:39:03 GMT
server
cloudflare
etag
"60fba777-2201"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SHSKATiTiCd7dDtIQxCuLL5bzB5g7UsS1x7YdfZ8U8IvxChfCJjIgWjRJFyuDW9ScPx4iHpJkUIay9rkEFD5pPZEH7hrMlFA%2Bz5%2Fkcm00RKMOV8pwFke0YjzS5OpM7I2Xq%2B3YEw1Obg0vKZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a5e4db8-FRA
expires
Mon, 23 Aug 2021 05:40:51 GMT
ntdvn_vaccine-205x123.jpg
img.ntdvn.com/2021/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_vaccine-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713076d30f8a759e35fed822f1d9c36e5567ca8b3d3a932fb7e5c6cb6ad5bcea

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1010786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6297
last-modified
Thu, 29 Jul 2021 13:54:15 GMT
server
cloudflare
etag
"6102b307-1899"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV2gmIq99af9V8O5uZ0QbGu6wL9HIyeICgJJQeORpubhZnQpD3MUtzad7lsI20irJdcgy%2Fm5Au%2FVErqUPJ%2Boep%2BaEfnoYNEIhR7EdmHWg9deBFFz0jGav8BRLuniFldtTSul%2F7m0RgaVVY8m"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a5f4db8-FRA
expires
Sat, 28 Aug 2021 13:57:27 GMT
ntdvn_cau-be-an-xin-205x123.jpg
img.ntdvn.com/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_cau-be-an-xin-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac9bd65854317ee11d9b28ee6ea2ab6ae635177f188367808899d8d38e38a0b6

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536214
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7670
last-modified
Thu, 01 Jul 2021 02:59:47 GMT
server
cloudflare
etag
"60dd2fa3-1df6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0ZRAlU6h5kK8USKXYeFbWTT3mJ4jQQ9e6hOxuAchZmM3%2FKO%2Btad3uOjCEeSlr2kMirnwGavYUBi5nG9bxEuPWJwcKDkfKBFP801U83y6sTLgsOPubxorX3LXRlAVVBKmFkSg4eGTeD8Sxht"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a604db8-FRA
expires
Sat, 11 Sep 2021 12:35:20 GMT
ntdvn_pjimage-205x123.jpeg
img.ntdvn.com/2021/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_pjimage-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3dc3af42534bfdeda0b2f2e1b66b620cbb50f279c600e78f1a547beca60a1a

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482026
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7687
last-modified
Sun, 01 Aug 2021 13:50:14 GMT
server
cloudflare
etag
"6106a696-1e07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0T0j5EQntXB8joHmpDPDM52oWvzB12mkO5HV9Gg1VYqp7Wr9tyrRb9Fw8urht9ePMwqxbUVvbQLggGp9CHezT5ZaZgG7dh8v6cpkkb%2FOOeiaq%2Baox36qa2NHpLlaSPTtL7ucJ10HOngesoD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a614db8-FRA
expires
Tue, 31 Aug 2021 13:56:44 GMT
ntdvn_taudienngam-205x123.jpg
img.ntdvn.com/2021/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_taudienngam-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688d38333f72c74715eacf2ca4470a5fdd17743acedad2004ec25e30246daed9

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1010786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9516
last-modified
Sat, 24 Jul 2021 02:13:47 GMT
server
cloudflare
etag
"60fb775b-252c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZh%2BQJs7HfZQVADTjiqCclX4OMOXfSwF4zUKAeg3FDOt6Yu3WQEkFyYI9EK%2FSNgQp01l9IBp5UVMJQWxUt7%2FN4N18d55MS6GzzfCO9vaboEXT9NRm4M9vwtBcBVeVoCIDPJvz%2Fk5KnlF8Gre"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a634db8-FRA
expires
Mon, 23 Aug 2021 02:42:19 GMT
ntdvn_pasted-image-0-50-205x123.jpg
img.ntdvn.com/2021/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_pasted-image-0-50-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8e58a70a333b991a2a6c565505674c1b4f5abb030d0a58f717d5314e5b9f14

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1332484
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9229
last-modified
Wed, 28 Jul 2021 08:55:32 GMT
server
cloudflare
etag
"61011b84-240d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhDndcLDPMHSn46pj%2FhGgBjfOwazhQVr7bylAfwcRlCShEIqTjI6U3J6DQyCnb9OK3rdxTL4JM2MOIp5Uzw7w1Q40uq8Q5Qtjwvrxpa%2FgKCImCI0Tk8DIPBMBdjb20kvtDgoNd%2F0OsF9Xglb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a654db8-FRA
expires
Thu, 02 Sep 2021 07:40:59 GMT
ntdvn_1-24-205x123.jpeg
img.ntdvn.com/2021/08/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_1-24-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7c1b67def40a82d34fc516079ad723ecff96c61b89163aec3a8b9ef7532cbf

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128311
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29011
last-modified
Tue, 17 Aug 2021 05:57:19 GMT
server
cloudflare
etag
"611b4fbf-7153"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO5XLzTuGPxAGg6uWLrAVVQoMSauiGHdWUa3ogiMHNl6Cw1HoSpDiGcnb2rJeX00U%2F71611Yr5UWAqs65RdFmgE5xlLxDTY0Thj5qGuz2vOjnhRxZ0AopfdyIuMJMYt%2FyBXFiVIFd6n7vSiM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a664db8-FRA
expires
Thu, 16 Sep 2021 06:07:54 GMT
ntdvn_hai-dia-cuc-205x123.jpg
img.ntdvn.com/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_hai-dia-cuc-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40043e4c57e34f40de98512dac30eca26b1c0bbbff0b4f01c24892cd5936f2ed

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138407
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4650
last-modified
Mon, 16 Aug 2021 08:13:14 GMT
server
cloudflare
etag
"611a1e1a-122a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOKHWl2Cj1bL7UVVrkSNXR8V0fonFfbDGNrnphggNrdZK%2FQo5H2wBgWfRwr6pFYPyP3ovKlaYN%2F1%2FljXIypwHrc8wdwcVgSu4vOrNoKhFGKpaBl%2FNmN%2F9JEmjjldbWnxkyUPFQVdH4Yy8P24"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a674db8-FRA
expires
Thu, 16 Sep 2021 03:05:39 GMT
ntdvn_am-tu-sa-1-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_am-tu-sa-1-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f042e284c81166363f919f5d21d97886912bf7c2f6e6cc3cf24b61652118bf2

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
148926
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8513
last-modified
Mon, 16 Aug 2021 07:31:32 GMT
server
cloudflare
etag
"611a1454-2141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmgEamfM941Bf%2Fimw5583Ohn%2BqYIDbfSKT2snNX8yNd0g%2FttRbkWr9F67uJrq9lw9VAOJtDKv7bqTA4n8iqOrhtvAyiNcDTmRH45ncB0ogKxrjYH3dMZ7bpyWnyJhmHfx2LgXCJ6VGJBcpJI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a754db8-FRA
expires
Wed, 15 Sep 2021 23:36:04 GMT
ntdvn_123-205x123.jpg
img.ntdvn.com/2020/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/08/ntdvn_123-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1396d061ff29a31491b62aaf41b036f2f8d357c18227ff1e9c138161d54512f2

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207500
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11626
last-modified
Mon, 31 Aug 2020 09:25:35 GMT
server
cloudflare
etag
"5f4cc20f-2d6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gb4g22N9o8P83tz9Fn1L3xy5siLoqJ9R1AAuApepZAYJ5%2Fi2hxMq0NGBYnGVQxhcNEQqzHV6%2BzJCEXv4vQ2FE0jIMk1x1eqAbmtsbcPMK8aOmOnlqFdXLr%2FANrUVoJv%2B1LH65jEkKWZwS4MI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7a774db8-FRA
expires
Wed, 15 Sep 2021 08:00:38 GMT
ntdvn_biden-tu-chuc-trong-o-nhuc-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_biden-tu-chuc-trong-o-nhuc-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d673ce37e5a9d0f47da19bedbd33c169d7ebd64a6050f08c3302c8940ad61558

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
219485
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6904
last-modified
Mon, 16 Aug 2021 04:34:19 GMT
server
cloudflare
etag
"6119eacb-1af8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhAFNR2AGLru6FHA1cIfncvZJZdgGyERs84Tl%2FONjo658ubdgNLwomIrJ%2BUM9RNDKfjh%2BiVNqAX0Boy8JWHVo0LntRrpZvf2hrU4jrXE8kTxMxWU7P%2BMTydx6gCm8b68piI8QMIIjK3f%2Btt2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9a914db8-FRA
expires
Wed, 15 Sep 2021 04:37:04 GMT
ntdvn_nuoi-beo-de-thit-va-do-te-cuoi-cung-ky-3-205x123.jpg
img.ntdvn.com/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_nuoi-beo-de-thit-va-do-te-cuoi-cung-ky-3-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a0d1430bf56cf653f34d12497867635a23bc5b2034ff6b2a32fb3d6cef2fe5

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
221151
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8598
last-modified
Mon, 16 Aug 2021 04:10:15 GMT
server
cloudflare
etag
"6119e527-2196"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clPWbCpxdrOQogqReHAn2ZSrl4FSXjM4bP9V9XhZDU5S3DarUyADdK%2BdCU8rgIYn1erM30%2FnN4k87LvJDcURxFyJTjzyKzyg5qSOXbmntVX0RGP%2F%2FLMBFSNxctDfdaEXp1uBfWiPcSaAr1%2F2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9a944db8-FRA
expires
Wed, 15 Sep 2021 04:15:45 GMT
ntdvn_ho-chi-minh-3039579-1280-205x123.jpg
img.ntdvn.com/2021/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/06/ntdvn_ho-chi-minh-3039579-1280-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc46af2cad8f20212ab904619ccc77c2ae58d8e5cf2c1971e957c7b2840ece42

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
224560
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6710
last-modified
Thu, 10 Jun 2021 05:16:15 GMT
server
cloudflare
etag
"60c1a01f-1a36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSLy5zCglkod02zmwehUi%2F%2BpGjKlIzW%2FIV5osC4%2FjfzMOkh4JhzCnpd23HBYpCT9LvEs8%2FB%2F%2B6OAOlBP4BC9pqtSme05VqfMw7j4z%2BOtBkYaDy6Jbq%2F5xVtdvnbyb7xhKrKqsTJVlWBWDiyq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9a964db8-FRA
expires
Sat, 11 Sep 2021 15:15:31 GMT
ntdvn_anh-3-205x123.jpg
img.ntdvn.com/2021/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/06/ntdvn_anh-3-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
298ee57933f8bc6cc69272f7c1ca4b0622fb1081001a0e734d9084436eea8fc3

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
224560
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8093
last-modified
Tue, 29 Jun 2021 04:34:58 GMT
server
cloudflare
etag
"60daa2f2-1f9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ur8HjUwabn6%2BZQ7XlSmCy%2FysfMl3EPXyCbytR7rRY18NdqZyFmpXt3J2OBQWOT53%2BDP4MPFdsLddg%2FcdZ%2FvCU5pibOl%2FNy9EL5wvJFkOZI5xUwpj29WyHDp0aUHjaT2Sp8tmXp7HL1FSd1s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9aa34db8-FRA
expires
Wed, 15 Sep 2021 03:06:05 GMT
ntdvn_monk-5357402-1920-205x123.jpg
img.ntdvn.com/2021/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/04/ntdvn_monk-5357402-1920-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9655134b1e55fbac489d5b55aea93fee02bd607d3f057dcf1a0e7a47e73bb7d2

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230420
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3815
last-modified
Fri, 16 Apr 2021 05:14:54 GMT
server
cloudflare
etag
"60791d4e-ee7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWbf0MeOt%2FK0gtiAPK5vNew4w4qlGRr%2B%2Bu3szJLacPhvKhuTXs6QSQPIxuqccIJ3H04EKVK63ao0URVNNgejNSRC7xgiGOhqQXUpKiO4%2BpJ8RFmNEAexey%2FrEMRClQg7XR6saiLXWXZGDnhH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9aa84db8-FRA
expires
Wed, 15 Sep 2021 01:45:41 GMT
ntdvn_1546843460359-550x420-1-205x123.jpeg
img.ntdvn.com/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_1546843460359-550x420-1-205x123.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd36ab2617222870a52de4bf76d72dd191f08d19509aba36a0e40be407986470

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230420
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7065
last-modified
Sun, 15 Aug 2021 03:03:33 GMT
server
cloudflare
etag
"61188405-1b99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts3NscpmLNOh9RyGBAKsa91IwU6hK81KqMizFFi2K7NjGEp4Z%2FOs4idiiM0Pt38ohlx7gWDWZgSvM0TZCa2qXZbXjfIJ1mx%2FT226C%2F%2BOh7Goy54U93jxIDr3tT2EtwdQDOrPTqEmD%2FLt1wJr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9aab4db8-FRA
expires
Wed, 15 Sep 2021 00:36:00 GMT
ntdvn_tam-tinh-doi-1-205x123.jpg
img.ntdvn.com/2021/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_tam-tinh-doi-1-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
854a4596aca3c053e6717fb8e4ad6ab4dd88dba7cc8178383455306203bec31f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230420
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9128
last-modified
Sun, 15 Aug 2021 03:03:27 GMT
server
cloudflare
etag
"611883ff-23a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEMWKPupjfuxqJEvTrhR1LnSVunuMX1OvopMtK2W2ByuV57RLLcNVkVDzFBBNffr%2FrVUPfyuUwM1tI9ikUEJpBL2lQvzA5c5javGHzeljWgpzhdnWaYlbBxmp5gBDXlwWsVqqiy8xX2yqq3t"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9aad4db8-FRA
expires
Wed, 15 Sep 2021 00:25:55 GMT
ntdvn_ezgifcom-gif-maker-2021-08-14t112031090-205x123.jpg
img.ntdvn.com/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_ezgifcom-gif-maker-2021-08-14t112031090-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df3bcc87477129a30c67cd7ce35e10829aa36580982059e68c0bfb771b13f7f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267727
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6347
last-modified
Sat, 14 Aug 2021 04:21:12 GMT
server
cloudflare
etag
"611744b8-18cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXGks5AgbdYyR%2BICBJjeoOYqktaGRAN4jYtJ1EbYVlkqJKKfcHb67gKFCLJQHSfFWDLRyKlgg%2B8hBAf043Gmd9V2xKfos2rm4hl9Q5K1jzrvFZq2AxVdtaMHf5nopBJxxRPs1FswIMw7xZlV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ab04db8-FRA
expires
Tue, 14 Sep 2021 15:11:07 GMT
ntdvn_maxresdefault-13-550x330.jpeg
img.ntdvn.com/2021/08/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-13-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3535176b949637f0f2d5acdbea936d3cce61f243ac110982926da9fa042ea18

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
955926
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
41984
last-modified
Sat, 07 Aug 2021 13:45:16 GMT
server
cloudflare
etag
"610e8e6c-a400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyDxUGty7Kb9Ode2jDO9QaaYT%2BuWqb8AxfhzNj1GSeKAvU8vNG0QYk0K99Cy2E73XYGEvmjztLkqi6Xm9aVAInxpE52GmfSuBZb3HTUPg%2B3J%2BhiYD2Psgw866IjxsCNZSRpSMJL28H7vGjVS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ab24db8-FRA
expires
Mon, 06 Sep 2021 13:45:17 GMT
ntdvn_maxresdefault-11-550x330.jpeg
img.ntdvn.com/2021/08/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-11-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8104321aaa7fed4bafbcee5d6bde427452cbe81764061b384f57e97324fb78

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
977232
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
33950
last-modified
Sat, 07 Aug 2021 10:16:09 GMT
server
cloudflare
etag
"610e5d69-849e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z53pIeNdkJSnc2hcf3LBN%2BYxKctIXnBodiCsFYKsxXT3y20ubegdMmYMCWxyLRqwvQPPYSQqj0ULsNDcvImwxL8a1m7C1sNrWoxCdOyTPBqm3d%2FRElFYccd5jCI%2Bp07BEKTjYTU5Ln6HZE1r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ab44db8-FRA
expires
Mon, 06 Sep 2021 10:16:09 GMT
ntdvn_maxresdefault-10-550x330.jpeg
img.ntdvn.com/2021/08/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-10-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71b0d96dc81fde8be7f62a54112d1a893ae4acbadb11136309451a55456de62

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1068364
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
46242
last-modified
Fri, 06 Aug 2021 08:48:50 GMT
server
cloudflare
etag
"610cf772-b4a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI6AKSAWXmWjAIFSETEwZieJ78qirO4fH%2Fzmh84z%2BJuPsh5tzSaDZm3QP%2BxepY%2F1OO8CRDPH3Mgk05c7GjGYU5xqlPTCCgAO8c0cZNcxfwnB7oxY23Yb4rbnFXIAHXoJObbo%2FNJX4Kn9sPxY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ab74db8-FRA
expires
Sun, 05 Sep 2021 08:48:51 GMT
ntdvn_maxresdefault-9-550x330.jpeg
img.ntdvn.com/2021/08/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-9-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737c7847d238900b00d42f6662200b1276f625c369277a5b4e43c4b177775233

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1137178
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38912
last-modified
Thu, 05 Aug 2021 13:49:55 GMT
server
cloudflare
etag
"610bec83-9800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgBT5DLStPrtVsFPTLnMOdFJOrIeFY1rF%2FaKHkvMZmyEzbQTUF%2Bl7sVJqgxMKbe6qcX2GE0YfnvFuxTsZndwNtb40PGa6vEDlYT6%2FlRqjlz604HX8zu6TuQVDQKyw2xvy1ZqbpzgUsROdOOC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ab94db8-FRA
expires
Sat, 04 Sep 2021 13:49:55 GMT
ntdvn_maxresdefault-8-550x330.jpeg
img.ntdvn.com/2021/08/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-8-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec12aba0ce096d1f1f29b67ea7fd0556b1cfb5204efec0438c64687eb9fc651e

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1152209
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
42063
last-modified
Thu, 05 Aug 2021 09:40:59 GMT
server
cloudflare
etag
"610bb22b-a44f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cFhKbtT2XKndg60aSz8O83BPDIbA7YEUml3ISm2snX%2FQnkjFHbK%2F0ww7zpWjjxnpJYY7HTe8%2BWkY1PA44ZcMq%2FBU%2FeHeoFMR0lL3E%2B9d15%2BdX9%2FCIRGug47iaqIH5lVVHdwCPexq4ub6%2Bsd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9abc4db8-FRA
expires
Sat, 04 Sep 2021 09:41:00 GMT
ntdvn_maxresdefault-7-550x330.jpeg
img.ntdvn.com/2021/08/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-7-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089762a726dbe29f6e31c628006147d47e62795b9bf2286e6f809b19b9d2fe00

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212417
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
36196
last-modified
Wed, 04 Aug 2021 16:43:52 GMT
server
cloudflare
etag
"610ac3c8-8d64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CHXZxRalcg68hMggCbWTrLPiJtq7KZQGXIY8x2PK7EC9usjUc%2FKyJIY%2F%2BSMnOQvMpfu7iWxZoRRq%2F5IH4sw14Wp%2Fecyvp%2BhjCEAIb1YxWdlC6FnWdpYmpTy4%2F5S6U9Xgn2Yixjr3MEbqHnt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9abe4db8-FRA
expires
Fri, 03 Sep 2021 16:43:53 GMT
ntdvn_maxresdefault-5-550x330.jpeg
img.ntdvn.com/2021/08/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-5-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db063fc152724d1ff031526a2dfb96164cddde29a562b8f3a0661b3ffe724f7

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1230931
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39819
last-modified
Wed, 04 Aug 2021 11:43:30 GMT
server
cloudflare
etag
"610a7d62-9b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3nu4jyV0RtvSJvgfCjPcxeCTOyhXzwFBZdvOCkJ7%2FupkEBBk%2BxH5Hvg9SMBQaC7W%2F5XnfpYaJSy7oLhSRC0uCijiEzl0wZVpBSE7FXYJnX9ya2zXf5mioCUxgcW7BFWsGq3t0Y0q7dQ9eLn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ac14db8-FRA
expires
Fri, 03 Sep 2021 11:43:31 GMT
ntdvn_maxresdefault-3-550x330.jpeg
img.ntdvn.com/2021/08/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_maxresdefault-3-550x330.jpeg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97619d82ee3e0bc0bc5ee483abe804faeb6eea8ea9f6e6dd894e96337375ff11

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1255061
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
41791
last-modified
Wed, 04 Aug 2021 03:50:14 GMT
server
cloudflare
etag
"610a0e76-a33f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY1GiylLhCCzFEq7GQ4RRJq2LLGb05VtJzGo5T3nRE%2Fl1C%2FSiBlU7PqAF%2FyePP4%2Fpm%2FHpw0sbtNdZQ8CkzO2LZWEAxpf%2F5lQy2s0b1KiIuz8w%2FjHuceVT5TCXyi0AMZQGIjGTbyUBoCQu57f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9ac24db8-FRA
expires
Fri, 03 Sep 2021 03:50:15 GMT
appstore.webp
static.ntdvn.com/assets/news/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/appstore.webp
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef1b310a2f53613ae44db626e6019858aecd973b7ecb191d01ba5d2b71f8b55

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
397276
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2266
last-modified
Sat, 14 Aug 2021 02:14:04 GMT
server
cloudflare
etag
"611726ec-8da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZKTWCBeu8o3tYRyLkxfXU4w%2Fn0hS1a5VMurRHzXlOCd%2BFE9gUo165mY%2FGnhfA956lDTEDBNwxQRoEWyoqa%2FyBCpfxFL2rMHOZT8ZuM6S2g9PiVqYXMMMYCpCKIxsY%2BtO9TF9uATN7G3Tud1OpvT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface7ef242d5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 13 Sep 2021 02:19:42 GMT
googleplay.webp
static.ntdvn.com/assets/news/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/googleplay.webp
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3785a2f88b05620ec8b5f9edba998d9534e29f5997808136d58b181b6f606b7f

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
397277
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4190
last-modified
Sat, 14 Aug 2021 02:14:34 GMT
server
cloudflare
etag
"6117270a-105e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLFq51ZGZVD40SmF08GAv6tROIgJ9rFK5SDrZRUwWGl2bhEtRTj0WtzEp54aeqCSAIkLI7juI3mFi8O2PejrR%2FSlkitxVaRp%2FJ%2BycOARAPuEYX4Q5L9Gc4o4O3OyXa9OcstVJ2q9atfg6djMNB%2Fe"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cface9adf4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 13 Sep 2021 02:19:42 GMT
jquery-all.min.js
static.ntdvn.com/assets/news/js/ 		333 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/js/jquery-all.min.js?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa29c85929d723b2df611a589c69d7097ae1b275b90e10c2335d43cf40c7bc6

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450095
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 15 Oct 2019 13:11:27 GMT
server
cloudflare
etag
W/"5da5c57f-532a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKhJD9BD2e%2BYss3%2Fd1XESGSoVLiCA82d7fAtV4GeYQTZt51qRtl5cupY%2Fyx8ucC1B1XGePOGLnNyX611p%2FQlLZEGkFX25L0Tu%2FE5S73bkJeGJ8uGkxhmEjq80pUNreNy5%2B497%2B6W7Oww6kodE8U1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface9ad14db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:03 GMT
slick.js
static.ntdvn.com/assets/news/js/ 		82 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/js/slick.js?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450096
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 03 Oct 2019 15:38:41 GMT
server
cloudflare
etag
W/"5d961601-14929"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xxRCxg76UbfR124X%2F0nNISLZyUNVAjoGSAPOd7IL22DQlhx0LB9t8UniH8zPD0DPmvcgJ9VRlNiUhp0yyveJ7szXa%2FYF2BW44Q34Lvkj4t3qTRfKNfiDxGvP21byYK2WhPB%2FfDz4cC2lDSqKXvM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface9ad44db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:02 GMT
bottom.js
static.ntdvn.com/assets/news/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/js/bottom.js?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2baaccba2384df8456290558b99703916b6c71a277f637ed10f974d41f71c4d0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450095
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 29 Mar 2020 05:54:40 GMT
server
cloudflare
etag
W/"5e803820-51b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRMuJQ5m7uQSdWoPSeyB6EYkP1JXIbnAYOALxQ15kSVCOy1gSgOF5WwXTR%2B1Wavuql7xTl8%2FlZshA%2F7AoHU854nqsZwKrsvy1y72IRdJkGhHgLgZQpR0IBbBa9lssR4ERvrtL10FqKJy6OCYErLC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface9ad54db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:02 GMT
infinite-scroll.pkgd.min.js
static.ntdvn.com/assets/news/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/js/infinite-scroll.pkgd.min.js?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3bb8b08d88d8c2aecdcc22d44304bb5011631ed25f7b92ef36e834392cd227b

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450095
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 25 Jul 2019 11:18:41 GMT
server
cloudflare
etag
W/"5d399011-64db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiY6X4fiEr7XAwcBuCbkbONrbbZYNtWJPy%2FPurBa8Pqgo%2FQM9em5bDbtl7MlDSwhFM58a4DSdrUuMKbKe1Ouf79zo5cRNG60lamPIAZ5muw1zZhG4DjE3wJHAVCCD886O1tJZeS%2BcbI3GqcV5SLU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface9ada4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:02 GMT
bootstrap.min.js
static.ntdvn.com/assets/bootstrap/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/bootstrap/js/bootstrap.min.js?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450700
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 09:22:50 GMT
server
cloudflare
etag
W/"5c63e1ea-9b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXEIYgp4%2FGOHkaEuvz4%2FLSO535Jz%2Bew7257JJHHngwEMOAf7SuSavuYKvXnaFTaUKcaRJvGxe9uZNTyEDhMw41e3BIjHwDJ5%2FpFSWqGOLkEBYXKtZQnlgdtpKfzsesaELSV8%2BDDzuAlZ8wQYed7A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface9adb4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:34:08 GMT
jquery.slimscroll.min.js
static.ntdvn.com/assets/news/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/news/js/jquery.slimscroll.min.js?v=0.2.88
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450700
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 10 Jun 2016 19:19:14 GMT
server
cloudflare
etag
W/"575b12b2-1274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSw8WjXk8ztICRMLpzjC9Yf7Q3ndUqnAMgxnLcbIA%2BnU0bTNmiL%2Fd62OnBmAw1CrrxNYXAMxGDKKf75AjOXMcEK7TfLBV2FzByhn%2Fso8joOv3e5%2ByA%2FNRRuB60XHIMmQ8Q0LmdUbyvl%2FpptdRjvS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cface9add4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 12 Sep 2021 12:35:21 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 		252 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95569
x-xss-protection
0
server
cafe
etag
15041329415598805064
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 17:49:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 5D7C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210812/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 17 Aug 2021 20:11:15 GMT
expires
Tue, 31 Aug 2021 20:11:15 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
77901
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		199 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.ntdvn.com&callback=_gfp_s_&client=ca-pub-2450194731637417
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0d8a97d71bef6a726403c106e01edb04ab21a2736a571dc99e21ed42659d1c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9076 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&adk=1812271804&adf=3025194257&lmt=1629307174&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ntdvn.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976427&bpp=10&bdt=108&idt=160&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=529550808947&frm=20&pv=2&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2450194731637417&output=html&adk=1812271804&adf=3025194257&lmt=1629307174&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ntdvn.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976427&bpp=10&bdt=108&idt=160&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=529550808947&frm=20&pv=2&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Aug 2021 17:49:36 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 18-Aug-2021 18:04:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 17:49:36 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113446242536"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27733
x-xss-protection
0
expires
Wed, 18 Aug 2021 17:49:36 GMT
Roboto-Regular.ttf
static.ntdvn.com/assets/mobile/fonts/ 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/mobile/fonts/Roboto-Regular.ttf
Requested by
Host: static.ntdvn.com
URL: https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Origin
https://www.ntdvn.com
Referer
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2369127
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
162876
last-modified
Fri, 09 Feb 2018 09:20:45 GMT
server
cloudflare
etag
"5a7d67ed-27c3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cbjz0PgLlbQchoJdGc8VGLowd74iKwhFMXLtWidWC7ttmA%2FCMKdT3ISGJ%2FR9C2dGWbEgGNOSArUQQWzBvJWFuFkfKfRon9DmCwooIQae5nFxpCLR7FWjfamjuAHMINw9EXHweeTd%2FkwSuJd7AuU"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad1983b4ee0-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sat, 14 Aug 2021 04:45:00 GMT
logo_leftDec.png
static.ntdvn.com/assets/news/images/ 		142 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/logo_leftDec.png
Requested by
Host: static.ntdvn.com
URL: https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a650e09c50002fcbae447daea53469f4af6736af40e8af75ea4bcdb904c987f

Request headers

Referer
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2370986
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
142
last-modified
Sat, 07 Mar 2020 21:30:09 GMT
server
cloudflare
etag
"5e641261-8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKpZw6wZytRAEDeOrPFUnrX%2BD9MTXTekB79wOBL9hfUI0b8qYvF%2Fi5lr02gsQJvq0gRKQBH1U61%2Bk1Z%2B9hB1gKG%2B7i3DxTtqsOsZrweh6H0UlooQhi%2F%2B2WCp3%2FnBSl8%2FYurYn2xsWrXpzhIGnMPO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad189ea4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 05 Aug 2021 14:32:44 GMT
logo_rightDec.png
static.ntdvn.com/assets/news/images/ 		139 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/logo_rightDec.png
Requested by
Host: static.ntdvn.com
URL: https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84bf8bc9293fab7f4618f6270c2f7d082a6a58c23babbbca2a976dca2774e6ee

Request headers

Referer
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1010788
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
139
last-modified
Sat, 07 Mar 2020 21:30:06 GMT
server
cloudflare
etag
"5e64125e-8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtzxOSwotjX6xjozrFUIl27j6LnMKKu4LeMKL1N%2FPZ1buG2zxTmVVXi3pnmCcX417hFjUX9GDQAFNG42pf5TzUyFdo5FAAyraACW0q5HjmepRvsdBdNUolvjCprWQaGbIHTpyUqbnpuQyRzCEVFT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad189ec4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 05 Sep 2021 04:28:37 GMT
Roboto-Bold.ttf
static.ntdvn.com/assets/mobile/fonts/ 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ntdvn.com/assets/mobile/fonts/Roboto-Bold.ttf
Requested by
Host: static.ntdvn.com
URL: https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Origin
https://www.ntdvn.com
Referer
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2369126
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
162464
last-modified
Fri, 09 Feb 2018 09:20:45 GMT
server
cloudflare
etag
"5a7d67ed-27aa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvYmlrNSHFfn5i6lT9dsuMi1wXMrRC%2FGyRT9OOqCB%2FHF9yt9nYoPxBnLfnJ9%2BklaoL6v%2BwUa%2FOvtQlhVDqvvNzzCsC9ZuofXF%2BrPWbg6KXi%2F9llPzEce6NBn%2BIy1FUjaNM3JRHQzRpuZ7V8FJHYo"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad198394ee0-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 15 Aug 2021 22:24:50 GMT
truncated
/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66dc2800e35dfcdd4e20458476f16689fa825ae01ebacda8377c092d6960d8c7

Request headers

Origin
https://www.ntdvn.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4BD0 		22 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daefa16bd864b625800710e62bc89acfc1021c805d09eb668e90153da2ac0485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 18 Aug 2021 17:49:37 GMT
server
cafe
content-length
10853
x-xss-protection
0
set-cookie
IDE=AHWqTUk3lYNWvUqh7ggv7Crzerlm1Q7jM28zcCOBtW77GUc1QMbxSa1f4d7r5H0hF64; expires=Mon, 12-Sep-2022 17:49:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 17:49:37 GMT
cache-control
private
oN1euF-DvBQ
www.youtube.com/embed/ Frame 53F1 		50 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/oN1euF-DvBQ
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
810f57211b038d5b7e224c5ce7689684a91844e2e53456fe6a7161a898a5aa46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/oN1euF-DvBQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 18 Aug 2021 17:49:36 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime
2592000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=cIPjd_jqveE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=ww6yaUSY838; Domain=.youtube.com; Expires=Mon, 14-Feb-2022 17:49:36 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+311; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ntd_play_button_big.svg
static.ntdvn.com/assets/news/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/ntd_play_button_big.svg
Requested by
Host: static.ntdvn.com
URL: https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179a3ca9e79ab3b1870f06abbbd744a25905568b7bc0a5969b564f257ef9bca0

Request headers

Referer
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2367430
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 03 Oct 2019 15:38:41 GMT
server
cloudflare
etag
W/"5d961601-764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpNWKYvEuqZw2SJq4x1TNlntihjtycgCHLx2Td0Kipd93QZs6%2B9yY1u8ZAeUSQvda0Efa%2FR7LJGv82%2BvynxxZY8biraofB0J8OnEntQA4xPoPFyTyG6b39AuTWG7PfFOdM8LuwkGpKvupTJmGDug"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cfad1da854db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sat, 21 Aug 2021 08:12:26 GMT
backtotop.svg
static.ntdvn.com/assets/news/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ntdvn.com/assets/news/images/backtotop.svg
Requested by
Host: static.ntdvn.com
URL: https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5

Request headers

Referer
https://static.ntdvn.com/assets/news/css/global.css?v=0.2.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2377445
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 03 Oct 2019 15:38:41 GMT
server
cloudflare
etag
W/"5d961601-498"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypvez%2BW2TRzQ2f6ZShucB8cCCNSVpLKmFV8WtTA99UQQGJmkra73NvJPpxgaDoxOrfnq1o2doLLug5ARBt7JmD7AfXjAosgAwdz%2BLTNyaNO5GIaOmxJepbmU6BCDzRpmm%2FCGoaU6ITf5PRylxU%2Fl"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000
cf-ray
680cfad2cd0c4db8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 20 Aug 2021 18:51:25 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
783
date
Wed, 18 Aug 2021 17:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 18 Aug 2021 19:36:34 GMT
ntdvn_thay-do-day-hoc-nau-550x330.jpg
img.ntdvn.com/2021/07/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_thay-do-day-hoc-nau-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c28b311a74e98d05b835faecbb68784dc415e2c8120d50e08da6b5d2b81e5243

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204228
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39337
last-modified
Wed, 14 Jul 2021 03:26:31 GMT
server
cloudflare
etag
"60ee5967-99a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cw0sbb7NKgCqZgmkudLnNZqopfMhiTX8f1%2FRX8wg0Et2WPCUQaaQGRIqgTlUYHucOZV%2B00lOkFAEQ4ePHAKeWMuaxKrV6bR%2BbosrRm7sW6hn85yvLH7dr2QJOVO7ivRZeJEMXolA%2F7b4%2BDK8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e764db8-FRA
expires
Sun, 12 Sep 2021 10:29:32 GMT
ntdvn_nuoi-beo-de-thit-va-do-te-cuoi-cung-ky-3-550x330.jpg
img.ntdvn.com/2021/08/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_nuoi-beo-de-thit-va-do-te-cuoi-cung-ky-3-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8480d50f193623028d83907e2155ef3913646ac9ee2216dfdbb55f89f4889b49

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
219486
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43289
last-modified
Mon, 16 Aug 2021 04:10:14 GMT
server
cloudflare
etag
"6119e526-a919"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpGj7gwmCq%2BZJlngAulLuJcowEyi%2BOrsMKKi%2FDbw9W5dFPH579BUG8E7beAT8jLrKOn1WZ1SHsQu9Hn%2BLle9Z5UbfKqrdRGRgY6gG6EWK4Yl%2B2L6NHDt6iuQ2X7YyP4GGjkFfous6os4CbpP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e7a4db8-FRA
expires
Wed, 15 Sep 2021 04:10:16 GMT
ntdvn_screen-shot-2021-08-13-at-101005-550x330.jpg
img.ntdvn.com/2021/08/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_screen-shot-2021-08-13-at-101005-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb30902d33189d5797695ed5411955640bee296a0e0aa9b1fd8568226e8edf6

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
477363
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
63763
last-modified
Fri, 13 Aug 2021 03:14:58 GMT
server
cloudflare
etag
"6115e3b2-f913"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdqMsvghb9JwEPW1EiWXBQmGYz87g7VL%2FTFiUIYbcPmfX2vE3pZyigFSejRm%2FjpX51FDrAvhSBw9CmMhbdHTJhk7d7yfvwtSW7kh6fcPW7nNqdhM3AZN9haApaUS5ENh%2B8ZBFh7NcJ1S7Eth"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e7b4db8-FRA
expires
Sun, 12 Sep 2021 03:15:36 GMT
A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2020-02-04-lu%CC%81c-1.08.47-CH-550x330.jpg
img.ntdvn.com/2020/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/02/A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2020-02-04-lu%CC%81c-1.08.47-CH-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49706eaca3db2b8722fc2d501b2eafc8d59fffff33ea917e9f160183027d1021

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1011738
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
40463
last-modified
Sat, 07 Mar 2020 21:37:39 GMT
server
cloudflare
etag
"5e641423-9e0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucBu2aGXiUWdXjvMKG8zLJMIuzH9iu%2B1RoOIFA5ulGz48fTiMCDemDhZq%2BScngxBCrnZYYNCwKXnGIhu23PV4c%2B9yo2%2B2xAVmtlTkfbtBbExKgvle8mzHVnEyS5YZyJK3qUJ8uLMOBlB06li"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e7f4db8-FRA
expires
Sun, 05 Sep 2021 23:36:28 GMT
ntdvn_shutterstock-288024989-550x330.jpg
img.ntdvn.com/2020/04/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/04/ntdvn_shutterstock-288024989-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13d4bfdaaeb04ee183e6abe5d7e4af7b0f7f89b2590776b08b5a6478f90f5dc2

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1611464
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28513
last-modified
Sat, 04 Apr 2020 16:25:15 GMT
server
cloudflare
etag
"5e88b4eb-6f61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJ%2BC8A6bqUQMIEREevwKc7G9VYopNeLkBD%2BSnStdicT51ElwrCQtZz0Smok39J56et0BiHIwtlcXCeOWveF90QzH9If7yG0yxwWokGlGzbA6euXEq00nXLMrpYkDyvtpQq0QQL%2FjwvvoY8Aa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e804db8-FRA
expires
Mon, 30 Aug 2021 02:05:38 GMT
ntdvn_lam-sao-nhan-ra-550x330.jpg
img.ntdvn.com/2020/08/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2020/08/ntdvn_lam-sao-nhan-ra-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
783f32f52abe645f5419caeb601acbe0fa1b180303a6e0ce4114090653a84e50

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1870177
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
47899
last-modified
Tue, 18 Aug 2020 10:34:23 GMT
server
cloudflare
etag
"5f3baeaf-bb1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R4jqdjGmC7MELc45DU9qaiDx6gLuBErijUPtKXlNxJfHBLe4eARUro%2BHdsZszwR%2BzYxa1BiTc6I0rLwmxxu2A6vTSC3%2BgjGN430IdWMKwAzboOFiwmwGH1onzWG5fxpVJBkatakgRE%2Baczw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e854db8-FRA
expires
Fri, 27 Aug 2021 02:19:52 GMT
ntdvn_du-ngon-trong-lich-su-550x330.jpg
img.ntdvn.com/2021/07/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/07/ntdvn_du-ngon-trong-lich-su-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80702372c2da962b71706e7c228a6d7c5c54a364d92b775eea1aa272ecc13d5

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1874230
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15863
last-modified
Tue, 27 Jul 2021 09:51:48 GMT
server
cloudflare
etag
"60ffd734-3df7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYFVAtQYyTQs7pTp1h%2FV5sw7PoL0sFaYMlzRCLFVRuKx8d1Gchr12E25BoyHsw%2FY9v1P8D5lbYeCv244ZGAcIxff297shc0Hf7bhmngR3tELBAUG%2BlvtkIL3XclWCpDTyIGuzPO%2FbmJeoziL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e864db8-FRA
expires
Fri, 27 Aug 2021 00:54:01 GMT
ntdvn_image-550x330.jpg
img.ntdvn.com/2021/02/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/02/ntdvn_image-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b7f240ef7f9207e214045ea495614c67da8395a03067c1d35655b3d52de965

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1509
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29514
last-modified
Mon, 19 Jul 2021 16:39:18 GMT
server
cloudflare
etag
"60f5aab6-734a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fu%2B2xpj%2BSx9Kh82WZ1cZamyVnXmoFxlU%2FxML1sVrLElWfzvM3outU35ksf3MVayPqiuMQeEhs9VfaEbkMeL7QO3c5HxrtmEZt0WntLJlyabsJgdGj67cUHhJfTuvtPaV1g4CKBFbWnil0zCl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e874db8-FRA
expires
Thu, 16 Sep 2021 19:02:11 GMT
ntdvn_israel-3-1-550x330.jpg
img.ntdvn.com/2021/05/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/05/ntdvn_israel-3-1-550x330.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2bb200626b2805b3892dd121444578e6750a242b8ebe2d08f0a755b2a5a47d

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735372
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
59824
last-modified
Sun, 23 May 2021 04:47:03 GMT
server
cloudflare
etag
"60a9de47-e9b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94nN4eSz14%2BNL8lHTzE44rUPQa%2BZngo1vIvtbcXtQ%2Be9IhG8DWm%2B8S4kEPZJzZX3uUnN21rfA9t%2B0A0JZNB6caN97kCPa9OxK4vO%2BbpKCLPIdvKQoCxIUdK%2BDpF7z18gwLIeweF%2FQbZU%2Bloa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e8a4db8-FRA
expires
Tue, 07 Sep 2021 16:05:23 GMT
ntdvn_210817-e02-205x123.jpg
img.ntdvn.com/2021/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_210817-e02-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
657dde2ad22867d13a9fc2cd3bed88fe896960c1bcc2a645800d54e5934f7ad6

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103644
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7375
last-modified
Tue, 17 Aug 2021 11:04:58 GMT
server
cloudflare
etag
"611b97da-1ccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMy3F2yoyp8nxI94ffXO1YwmrHpKnNNaa71d5Z%2FmR8yBQQCms1imLDSGwrG0Azu49nLaezVKypttzqzZNlLCp5lFK%2FreUvjhQXXTgFCtJ%2BYY2SW7CO1XNOsRAuF0p%2F8LmtOz4%2BvRb3PNCUWZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e8b4db8-FRA
expires
Thu, 16 Sep 2021 13:00:29 GMT
ntdvn_gettyimages-1234711006-205x123.jpg
img.ntdvn.com/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntdvn.com/2021/08/ntdvn_gettyimages-1234711006-205x123.jpg
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4891090ac1abac97790ab9bbca0f6b9c17741e2f7120aafc7ea6abe49ed3f840

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189716
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6401
last-modified
Mon, 16 Aug 2021 12:25:18 GMT
server
cloudflare
etag
"611a592e-1901"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkLtmY50z%2BRtypEkHH%2FUqGUL6%2Bi6X0HG%2F4Wtg7bcRKRaLP4NRxA%2B4AWfcPVVIrSbrkdVh12JXHNgiRaaxJi8ivathmvC1GKSFTj0LT15ldZIznOXxlrU5jf8OJWjUEjW2UXwDMH0S2ma9gb0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680cfad36e8c4db8-FRA
expires
Wed, 15 Sep 2021 12:57:35 GMT
www-player-webp.css
www.youtube.com/s/player/50e823fc/ Frame 53F1 		328 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/50e823fc/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oN1euF-DvBQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oN1euF-DvBQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 19:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 00:18:48 GMT
server
sffe
age
167198
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46094
x-xss-protection
0
expires
Tue, 16 Aug 2022 19:22:59 GMT
www-embed-player.js
www.youtube.com/s/player/50e823fc/www-embed-player.vflset/ Frame 53F1 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oN1euF-DvBQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oN1euF-DvBQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 00:18:48 GMT
server
sffe
age
2652
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65204
x-xss-protection
0
expires
Thu, 18 Aug 2022 17:05:25 GMT
base.js
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 53F1 		2 MB
494 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oN1euF-DvBQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oN1euF-DvBQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 11:53:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 00:18:48 GMT
server
sffe
age
21362
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
505743
x-xss-protection
0
expires
Thu, 18 Aug 2022 11:53:35 GMT
fetch-polyfill.js
www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/ Frame 53F1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oN1euF-DvBQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oN1euF-DvBQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 11:07:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 00:18:48 GMT
server
sffe
age
24147
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Thu, 18 Aug 2022 11:07:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 53F1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oN1euF-DvBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
159736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 21:27:21 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntdvn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D3DE 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d65c2a0b803f372f0293d0a7250751580d8f49f3184b96c48a7d43818d3620d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 18 Aug 2021 17:49:37 GMT
server
cafe
content-length
10081
x-xss-protection
0
set-cookie
IDE=AHWqTUmaM7txij5K1rj9HoxAHyoQmoEN1bW6Xg2lrV9s8aJjTjY5vh2EvLX8uJX0gWA; expires=Mon, 12-Sep-2022 17:49:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 17:49:37 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0311 		75 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9febddc29c41bc2f862933b50d382791188679e3f1ee91ca624283cc3824e65c
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6ZxfaQu_ICFcW23godorgIwQ&gqi=MUgdYY3jDfSslQei4qyoDA&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6ZxfaQu_ICFcW23godorgIwQ&gqi=MUgdYY3jDfSslQei4qyoDA&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 18 Aug 2021 17:49:37 GMT
server
cafe
content-length
26360
x-xss-protection
0
set-cookie
IDE=AHWqTUlJwGlyXMFsseeS1HtLRamEB-C7LR08pr0xJs1Lr1KdIhJNsX6ZZFzABlK8LOc; expires=Mon, 12-Sep-2022 17:49:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 17:49:37 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1251411925&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntdvn.com%2F&ul=en-us&de=UTF-8&dt=Tin%20t%E1%BB%A9c%20trung%20th%E1%BB%B1c%20v%C3%A0%20truy%E1%BB%81n%20th%E1%BB%91ng%2C%20tin%20Vi%E1%BB%87t%20nam%2C%20Trung%20qu%E1%BB%91c%2C%20th%E1%BA%BF%20gi%E1%BB%9Bi%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20%7C%20NTD%20Vi%E1%BB%87t%20Nam%20(T%C3%A2n%20%C4%90%C6%B0%E1%BB%9Dng%20Nh%C3%A2n)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=84881720&gjid=2144555944&cid=737564294.1629308977&tid=UA-151963102-1&_gid=548797216.1629308977&_r=1&_slc=1&z=1383925558
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ntdvn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-151963102-1&cid=737564294.1629308977&jid=84881720&gjid=2144555944&_gid=548797216.1629308977&_u=IAhAAEAAAAAAAC~&z=1765804326
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 18 Aug 2021 17:49:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.ntdvn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 53F1 		113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f00ae9265e9a74813be89c212e21eb3c2a661e6520f6717ae1ecf5429596e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 53F1 		29 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:40:36 GMT
x-content-type-options
nosniff
age
541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 17:55:36 GMT
qoe
www.youtube.com/api/stats/ Frame 53F1 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=kkp68c0zCJe8svGI&el=embedded&docid=oN1euF-DvBQ&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24053866%2C24065682%2C24071157%2C24071956%2C24079702%2C24080738%2C24082662%2C24084071%2C24084858&cl=390128873&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/oN1euF-DvBQ
X-YouTube-Client-Version
1.20210811.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-YouTube-Ad-Signals
dt=1629308977326&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C804%2C400&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 53F1 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oN1euF-DvBQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 14:48:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 00:18:48 GMT
server
sffe
age
529277
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7489
x-xss-protection
0
expires
Fri, 12 Aug 2022 14:48:20 GMT
truncated
/ Frame 53F1 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddc61750d03a0364ca8c12fd03fe150dc85f21a4a1d34570f80a6b44e5530192

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame D3DE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D3DE 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 17:49:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame D3DE 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:49:00 GMT
l
www.google.com/ads/measurement/ Frame D3DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD9ioWlnnUeAktu23B180R08hrHbLsrmm9H53v0DVClFSbmRDruDSiIZOek3fmWF8Cwf7LX47SzIZhxVmfyUe2ZjCHug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame D3DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNnuoMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgS_AU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rhFBrVl44YQIbXcdfTaZzR8CxgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNDUwMTk0NzMxNjM3NDE3GAA&sigh=GVvTQzke6YQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 18 Aug 2021 17:49:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame D3DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j21tqzxzfyapz7mxpdnjs0xg5hm5tnrvpnrx83efk4pvf3q34fwg0pxgwt4359sjpw9pq6yfk0qpp29q0s8m15sz8ererfjmb2py89ekf11nvxxc11c4fffqqzgv18822m1je0wfv2qp3tpngv8rhnnxg35ygn2r9hdxxr2eqghxmbb8qgp480v6mec3pe25g09eye2m9m6dajqezdert1pb4sqpz2nepx9zy8vex4gchbtn345xm9gbv10cb0wqwmxwy5ahq01vxt92f8gbyy8n3j3dxmkj5n7zd1nr6939g5pkwrkw3b5vp12ch229qa6aykx9ng4dxhvvrysv3852w0fn8p3kx4kf4gytb4rbkch73985vmds8m6xvz2tdgw685h10&b=YR1IMQADm8cK3rhBAAhOGY65ymQxawnnzvbfLg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Aug 2021 17:49:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame D5B7 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d615eb5efe257347c31a3ce6d849b0327041794db2bb673e19c3114e60dc45f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
680cfad56de2c2d6-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5211 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 18 Aug 2021 11:56:19 GMT
expires
Thu, 19 Aug 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
21198
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 5211 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDkITUtT55FNYH93zlH4inQ&google_cver=1&google_push=AYg5qPLL_3-ls-dHkxDtYGHV8ZdB_mrkoscxVr5k3sfIOD0M6tW_Ax_JbxS1KLCM0SI_xfGEzJq-POXIP25QiXVssh0PZUw5sluw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5211
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJL86tp7chqkd4khMHquE-ODQjy-EqY65YQFXz...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVIxSU1RQUFBSHBHZWlmdg&google_push=AYg5qPJL86tp7chqkd4khMHquE-ODQjy-EqY65YQFXzbudDfc_pkx9QdMB5eCP3kOPmIBJzHys-TQex2cFLSsTuOjbuJ2qF3oqLh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVIxSU1RQUFBSHBHZWlmdg&google_push=AYg5qPJL86tp7chqkd4khMHquE-ODQjy-EqY65YQFXzbudDfc_pkx9QdMB5eCP3kOPmIBJzHys-TQex2cFLSsTuOjbuJ2qF3oqLh
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVIxSU1RQUFBSHBHZWlmdg&google_push=AYg5qPJL86tp7chqkd4khMHquE-ODQjy-EqY65YQFXzbudDfc_pkx9QdMB5eCP3kOPmIBJzHys-TQex2cFLSsTuOjbuJ2qF3oqLh
Date
Wed, 18 Aug 2021 17:49:37 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame 5211 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDnCTPpRqesIagQ2youTj6s&google_push=AYg5qPK-bjtqX3tM53q6mQUIdM3VvjLgmpfhMA1cYfDTChp4oLWphymZUoZJ3p1XRa3nfOjLxAkhBFSKje06_Bwjsl-3C2ySBQ7D&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5211
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOkSiQIPDNLHNt755uZV1JM&google_cver=1&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOkSiQIPDNLHNt755uZV1JM&google_cver=1&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:36 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK1Z50EdJ8iA-QZUd89X1YJgOFOHNij9Q2LAHSCmyIBAT24a3QHQEhnF_GwY1qmuWPOxzcWWFvJHUCEm_fnvDfbRHQwpX-R&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
v0jcs9i8vpn6jsptb2183k0ncit4bb54
pixel
cm.g.doubleclick.net/ Frame 5211
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf...
0
0
pixel
cm.g.doubleclick.net/ Frame 5211
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPcCT46ZDD3YdKfiGeme_Ys&google_cver=1&google_push=AYg5qPIQlRkBe9uBM8gUr3HM...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIQlRkBe9uBM8gUr3HM0vHYpeMBA6sVRwoPHaP36URdQsz5ZLgOmx84YWWPnRI3ORWB2VunxZXoAcYe1gi_A_QXxbVFNrhuGA&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIQlRkBe9uBM8gUr3HM0vHYpeMBA6sVRwoPHaP36URdQsz5ZLgOmx84YWWPnRI3ORWB2VunxZXoAcYe1gi_A_QXxbVFNrhuGA&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIQlRkBe9uBM8gUr3HM0vHYpeMBA6sVRwoPHaP36URdQsz5ZLgOmx84YWWPnRI3ORWB2VunxZXoAcYe1gi_A_QXxbVFNrhuGA&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 17 Aug 2021 17:49:37 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5211 		0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBi1eIO4iMy2h2S_cnWRYyUaL5D4ctPYcsu20sI4opvgfYEsw0t8ZJVEXbd7Jhvk4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=9873621138&adk=2281485201&adf=3067511433&pi=t.ma~as.9873621138&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977040&bpp=35&bdt=720&idt=35&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=y4cE9Wk1Ls&p=https%3A//www.ntdvn.com&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame D3DE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af61391a1f855f30858a3cc954c1f3829f8d00a0f068718681ec4e6019ce7a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame D5B7 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4432639
cf-polished
origSize=59196
x-guploader-uploadid
ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58969
last-modified
Mon, 28 Jun 2021 10:31:59 GMT
server
cloudflare
etag
"89accb82b2c3f55efa96d3f2495f234d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjQktU9tpTOsodo8fLY1T0VZbJk41HtyDr8U%2Boy2sGIH%2FvN%2BUVI5iIxieAhTVjWbKM6rhDqKuQUZz8a4UiLIDiqtdoUz119GpAHqVgrqnCK5IcpiO5ML68RdZhHalmSa7JBsAAs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1624876319573767
content-type
text/css
expires
Tue, 28 Jun 2022 10:32:18 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
680cfad5fc0f4303-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame D5B7 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer
https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37582
x-guploader-uploadid
ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 10:08:16 GMT
server
cloudflare
etag
W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNYjLhJymTTefFMphktNF74Hn87wBX1R1g8G%2FF2egEzKr9O%2FLKLXTIO02VsSCIGlbjWDlh96S4A0VwO0pOu39MDK41aB04we8nnSMc9GyIzw6yI7nG1vdiY%2BHyP5UyVx%2B7H3KOs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1628590096242097
content-type
application/javascript; charset=utf-8
expires
Wed, 18 Aug 2021 07:23:15 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
680cfad5fc144303-FRA
cf-bgj
minify
js
tags.mathtag.com/notify/ Frame 4BD0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldRME1ETmtNVEV0TXpnNFl5MW1ZMkppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4ODIxMTczODU1OTU1NjA1MDMvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGN0RHQVQ0T2d5QlhuZWRtenpVUEI5ay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODgyMTE3Mzg1NTk1NTYwNTAzL3pyaC8wLzM0NC84Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyOTMwODk3Ny8xNjI5MzIxNTc3LzQvcHViLTI0NTAxOTQ3MzE2Mzc0MTcv/j5IIsn9FMqmjfwDmiNMowdRfbBI&nodeid=1621&group=eu&auctionid=3882117385595560503&shardkey=3882117385595560503&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%26client%3Dca-pub-2450194731637417%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.203.0 /
Resource Hash
59f8f2d8fbfcb1d251c9bd87c0430adc01adb58653fdfeebe21f80306078702f

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:37 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1629308977
Last-Modified
Wed, 18 Aug 2021 17:49:37 GMT
Server
MMBD/3.203.0
x-mm-latency
3 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x41, zrh-bidder-x132
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 18 Aug 2021 17:49:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 4BD0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BD0 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 17:49:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 4BD0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:49:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4BD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUQR8MEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEuQFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0Fgbkec3TkJOPXt5ARlCzHoFxcVoAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI0NTAxOTQ3MzE2Mzc0MTcYAA&sigh=TaKS4Abi0xM&tpd=AGWhJms0hK-nFuHOub4eNfVgcdGF_EHN4jGo_wCO00t4RlJ0ZRv2QfqTNG3rPSLlBZVqmmtbm-4ECxRgMhjLr9GUAH0sSeCC91roVoaY4qIOsNUpSMNucRDpmigUWtd8ctQqLCW_4hoFMPfsLyAINbcmmzMUQaW61XVr_B7cRStzN3EZSNysf4MnQkSbtRqB6fTichp9nZACYU0qvrkiasLksBPIMFlOcY60ib7sdVpTYguiTeCfMHO7u9ToGZEGwEGoD1qcyPXIvxBsRJbw9vkqIiQYcdGp05xu8snoLkq6X35KZeyjHf4fGhn6IAtpnw43DlMlnYgIZ02NQbvJBNmFxZWp9pogFsNg1QiNa2cVHrUbGB3VhxWNJ17nk5O5H2X9JMJXlF7L0CS9T4Z8X3FderCm3CHFTLfmXsQpXo-IA1xJVs-AvTeokW8ohtcWFg_IZcga01P0tJLyAuuuFZ3F6mrNXhls9PFxMHxT_L0HYisncWXbzVFjQNFdLbgcRZnoHjAKlwbbWyKkw6sdIURtzLUooymlOZmtXn119pLU2M7RVIDymDoUQ9vfkLTlJy9r8Mqekb4bYbJ6m_HGdVXeFIeTE0S0WaJI0ap7eYbpFYin6z9fcdaeEd1E33D5x-vkgVj2upxD-Yi5wE-WXnqXVxymbiJIeS4uLez7wzoUtCACzhQCFiMwavWUOIsmm-e37XbhSIcK2_c9J-QS29F8Jx8aAOnOHu57-I8Qlnf6zZSuXbQVlaZ4fru_OPV1d4gcuXn-3spmMIGz5I2go64mHDrfnSlGOHvg7v3PembFRH3Ip3uj1i2aAPe4n-gIUrbds-Nqy3SeW8YwCev3nJjMaSZ29SFEdNuIJg7QkS_QhabqG-d4W1uVzcAb7fLueNrgVWtAoiLdce_S3UrOIep8GN_5tl8ZWibaAQgqb7WDlfDwz8IBQ9po2s714uuQChWsO-GXz-BRLWXZSgj8ueLsX3e6MGiPiCN2OoSEX0zixny8GXOT_jgJGeoPWbCRnFZgZZ-Q2PKHnSwsbSsxyyWU3GrdA1qTqrU925tMBNQbk-Uh87Ufk-AP7DNEqzX3kK2dWNw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 18 Aug 2021 17:49:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D5B7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6066595
x-guploader-uploadid
ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbFBmMMeb3hGRN7B6YISacnWeHVNsxm36Cp1XgBAqyGp%2Fpbh2uf9%2FVyoJpurt9sVVJWby1ecWXqw%2BqXvsZPxI7RN%2FZkhATxWLSyFitqhWD9Hgg0FBUN1LpS6cdqLUQZdwAa7zghViGVg6lbduhYQaI07yA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
680cfad65a7c4ec2-FRA
expires
Thu, 09 Jun 2022 12:39:42 GMT
frame.html
ad4m.at/ Frame 2424 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Wed, 18 Aug 2021 18:49:37 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2148819
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9eL%2FtnE7swZ4G2dZ1VbCQQ%2BkGo2tjv9ECFtCbtOk6Y2bdhsXWfKpldG1HpBgu8O8S4cHCu%2Fej8Ar%2FQ5%2FZeuksG0besmvUPdjSaUTqg8ILYLvNUN69KG8PfDDyY778MNLFHBP%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
680cfad64ce84303-FRA
content-encoding
br
rs
ad4m.at/ Frame D5B7 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa96bf72169c55036ea055601417a034f10ea6512932a5c31a7a98dfd278b1b2

Request headers

Referer
https://ad4m.at/ad/dr?ed=1hf9qpz6pshhmzkdawh91vbxea3zapmrr156dz9n92sd6w26xa46gsjfvje31f4mxvc58v18c8bwex07pc0tk6jbx05hjmyv1ev7xvnsd9wryky2jms7vyyne79abrhsymff9gqp6ca5d0g35p0wdya5afzfjdwez8zakqs61bsdrdrk9azfef65rhkt7z9rr9hwva6cy9ayhee99ek99vw7z8c5mbr9nsf52pf784dmvwdcsa4xrsasf4e4z5dkma4ct9j0qxtkss8h21c9nm39ghcddwqf0etbk2d4zmt3vvh463f6kada4zvkw244a2aw5ktxh96rgzd9q8g27m1817fj5vkg87npvqaarhyh9d1dpgayfgghvgj50&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%26client%3Dca-pub-2450194731637417%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
680cfad66d654303-FRA
date
Wed, 18 Aug 2021 17:49:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEtEvRLU%2BFnkFu0bTwCg8esNg2ji4OnE%2BoDXmUZn32XrixbT6x%2FO0590yXVYRFEMaU5iO8NFjz9RfL3raVyI8C3y4ZjZEYv3kstLsuIVjnZ6dMj%2FyvBVkz7kAxVSmPEJxLRY0dE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-hn3r
rar
as.ad4m.at/ad/ Frame 57B5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cdc13e4625ce72c544c572eceb03909a63e2bf3ed42bc7bd6e535db7ea070ad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
680cfad6a83ac2d6-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 57B5 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
7139
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
680cfad6eebc4303-FRA
expires
0
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 57B5 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1019151
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA9EqhtbFO9ovqJ8CH%2FAmJY0l4JI0ZsnFz58wY%2FTyeHcdJehumFag%2B7WyCdAAT7jNs2jiM4Faf07vK0OnsliVbhg9W1q5GpfH4JUlIKgyGoTQHfVTw4w0yWhz0NxvXESve4ajEL52k62IgoM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Thu, 19 Aug 2021 17:49:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
680cfad6e8bec2d6-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 57B5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
439915
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1598
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGGqulYDuXBy%2Fp7ZI%2B%2BxsLXtAXhJ1LLO9ErczurNOs1Ydbstx0ds2lMEuTQ%2F2jZ3WJTp%2F%2B4NF2KZspDQJO%2Bf0JOIfUMeZ7pFUHie97KW6W7LBic%2BHPbYp17AayiLqRvgW9NnqLivcWUq%2BXiM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Thu, 19 Aug 2021 17:49:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
680cfad6e8c2c2d6-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 57B5 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 17:49:37 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 57B5 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404734
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ADPycdtBFoOXl0DgvcLsrwDY2OH8h9Hpqvp4cn5FQalt_RjVy00YKIoYtXnJd3ZVDSi54i2j9YZAm1_RWaFEGJgDASR0imFG0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39202
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDWtxymNrGaCghR68TmhzquSxe3XVqPAEjTFoCHkOuIkB0F8tvVcmfAeSU0YqpZA0kHXKHzraaey4aZD64qLSYFcmRL3Gmk9DrH17VsNBj1osJvCbhr1miavEHpX%2BDN7DZjTD9og1ph6B6Ad"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Thu, 19 Aug 2021 17:49:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
680cfad6e8c4c2d6-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 57B5 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
583551
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
115268
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3CRUjZUL6S8k2FrUVxofmqvP9g2gMWldOMHQHegq64uDKg82rjeCEHYBUBA0AHKN8gZySYYqujoaXPE7kbkWD%2B2DBCyHSnelrMqjWELG3e51Lq0c7FLbALVgNtjPbrl1LiSgKQT%2BuavmrFQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Thu, 19 Aug 2021 17:49:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
680cfad6e8c6c2d6-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 57B5 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 17:49:37 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 57B5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359384
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rDlKEUS79WJ%2FzGJ5eeIORh6tu6SQXfcbmCPIExzjGczjMRNP6cyitbgn%2FLlIWyWarPI52c4PS65%2FW3lIZseQN0NZ%2B2bkKwBSnbNXUax0fJkdmWrIoMgwpgbOeAc9xjL%2B8kQJ7hkV8vLQL2C"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Thu, 19 Aug 2021 17:49:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
680cfad6e8c8c2d6-FRA
cf-bgj
imgq:85,h2pri
F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 57B5 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date
Wed, 18 Aug 2021 17:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
582360
cf-polished
qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid
ADPycdvvB6uzlBf85gejyOnLrDvuwZhKKXK1VpRUY0xBynHYzO5RBpdKXBT98Jm2FqkCYGe3d9ZkzSmbZtG7j1wbF8ydhTdT7A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
35504
last-modified
Wed, 19 Feb 2020 17:37:15 GMT
server
cloudflare
etag
"9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0AkGJwaoV2NcHmg1M96oo04JwOZz4yNX9zkR5OE7B8H7XvdgrzNoRvzNfBjj8muIQemF0dBTDE0kU%2BkbFNb78ivOSx2157RszAvt9hjI5bz%2BMFFQ9pFdeynDctoHBZLVGxDNpQ50rZ2KcDv"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1582133835673152
content-type
image/webp
expires
Thu, 19 Aug 2021 17:49:37 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
40264
accept-ranges
bytes
cf-ray
680cfad6e8c9c2d6-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 57B5
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI-X6_aQu_ICFQU14AodCVEOtw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629308978_a82d7a70-004c-11ec-bfe3-692d0dec5663
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629308978_a82d7a70-004c-11ec-bfe3-692d0dec5663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=&g=ad2df44b07958fec611aba2b30e7b8a0%2F18093339099196989498&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629308977679&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20r36s8n83r9jqqymt1n73s4v344je4d5zjmxx6b8xmvw1cmz3f40zfh498amz7qhjz7w6q1qncwb99q5386phvscnx926ap1842e0pxde1gy8yznm8y5wvv7kmc09cxbh5r5h2ygd280q0spf8mnpvm80f7h1245b586a1e720p2d2emg46638hccqseaf9t9af16thghm2pdd5rkkexcfkcxnkdteb3dd6chkjqx3mwjn527a5bwfxn5r1tkr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqk5KMUgdYce3DsHw-gaZnKGwBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN6ABwq7o3QPIAQmpAqia_ovzqbM-qAMBqgTCAU_QrLOZwOiwy3eoE77xP70PIvY3i-PGgB5i5PUemkMni0ykNafGf-iHEYyL7nQZwCAtjO5yU-Qg6ksBut6-rcyxD6uh_SkuyZ5Y5fCVn5EaVTduAlQOM8NFjkrYBMPEDTBUfPmv3TaMQCk_DE9q_XfC7KrJJiDKLH60VhxljhL64cl9HaNhAIjW9zp_d8KcgPMF3t94RkyRvCuS6XJwKfipoJ90uofU8vSDup5rxlJmxInt5kLT2o_Jl-_htfmlRNH0gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XsSUiaCsgDC4zEVFVgtbGH6gTfw%2526client%253Dca-pub-2450194731637417%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 17:49:37 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Wed, 18 Aug 2021 17:49:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629308978_a82d7a70-004c-11ec-bfe3-692d0dec5663
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame 4BD0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=3882117385595560503&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3882117385595560503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_cid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%2526client%253Dca-pub-2450194731637417%2526adurl%253D%26redirect%3D
Requested by
Host: www.ntdvn.com
URL: https://www.ntdvn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8410e5474988d7826c0fd7f5d1fdaff540a3a4d010131081816b08173dab2e3d

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:37 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3411
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 4BD0 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3882117385595560503&node_id=1621&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldRME1ETmtNVEV0TXpnNFl5MW1ZMkppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4ODIxMTczODU1OTU1NjA1MDMvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGN0RHQVQ0T2d5QlhuZWRtenpVUEI5ay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODgyMTE3Mzg1NTk1NTYwNTAzL3pyaC8wLzM0NC84Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyOTMwODk3Ny8xNjI5MzIxNTc3LzQvcHViLTI0NTAxOTQ3MzE2Mzc0MTcv/j5IIsn9FMqmjfwDmiNMowdRfbBI&nodeid=1621&group=eu&auctionid=3882117385595560503&shardkey=3882117385595560503&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%26client%3Dca-pub-2450194731637417%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.203.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:37 GMT
Server
MMBD/3.203.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x65, zrh-bidder-x132
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 18 Aug 2021 17:49:36 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 4BD0 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&ap=&ti=3882117385595560503&pv=e078d641-5679-4654-9245-b48316e6304d&pp=pub-2450194731637417&sr=4&de=43003&si=1007617995&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldRME1ETmtNVEV0TXpnNFl5MW1ZMkppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4ODIxMTczODU1OTU1NjA1MDMvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGN0RHQVQ0T2d5QlhuZWRtenpVUEI5ay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODgyMTE3Mzg1NTk1NTYwNTAzL3pyaC8wLzM0NC84Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyOTMwODk3Ny8xNjI5MzIxNTc3LzQvcHViLTI0NTAxOTQ3MzE2Mzc0MTcv/j5IIsn9FMqmjfwDmiNMowdRfbBI&nodeid=1621&group=eu&auctionid=3882117385595560503&shardkey=3882117385595560503&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%26client%3Dca-pub-2450194731637417%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
87fe739c2ae823f9102cd70cc980a8f68f9a4cc48561299a4129040f12cd203c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 17:49:37 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
3269
Expires
0
img
pixel.mathtag.com/event/ Frame 4BD0 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3882117385595560503&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldRME1ETmtNVEV0TXpnNFl5MW1ZMkppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4ODIxMTczODU1OTU1NjA1MDMvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGN0RHQVQ0T2d5QlhuZWRtenpVUEI5ay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODgyMTE3Mzg1NTk1NTYwNTAzL3pyaC8wLzM0NC84Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyOTMwODk3Ny8xNjI5MzIxNTc3LzQvcHViLTI0NTAxOTQ3MzE2Mzc0MTcv/j5IIsn9FMqmjfwDmiNMowdRfbBI&nodeid=1621&group=eu&auctionid=3882117385595560503&shardkey=3882117385595560503&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%26client%3Dca-pub-2450194731637417%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3842 1127766 master cdg-pixel-x11 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:37 GMT
Server
MT3 3842 1127766 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Aug 2021 17:52:17 GMT
img
tags.mathtag.com/event/ Frame 4BD0 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3882117385595560503&st=4562306&time=1629308977&nodeid=1621
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldRME1ETmtNVEV0TXpnNFl5MW1ZMkppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4ODIxMTczODU1OTU1NjA1MDMvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGN0RHQVQ0T2d5QlhuZWRtenpVUEI5ay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODgyMTE3Mzg1NTk1NTYwNTAzL3pyaC8wLzM0NC84Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyOTMwODk3Ny8xNjI5MzIxNTc3LzQvcHViLTI0NTAxOTQ3MzE2Mzc0MTcv/j5IIsn9FMqmjfwDmiNMowdRfbBI&nodeid=1621&group=eu&auctionid=3882117385595560503&shardkey=3882117385595560503&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%26client%3Dca-pub-2450194731637417%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.203.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:37 GMT
Server
MMBD/3.203.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x33, zrh-bidder-x132
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 18 Aug 2021 17:49:36 GMT
request.php
hal90004.redintelligence.net/ Frame 4BD0
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3882117385595560503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_cid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%2526client%253Dca-pub-2450194731637417%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.ntdvn.com%2F&ancestorOrigins=https%3A%2F%2Fwww.ntdvn.com&random=1413839515566&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
dc6fabbe945cb8c2f8b177dd5be4db4942d036f4c4ecf0e8f1cf6e561249296f

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 17:49:38 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48948700138744800951389011690004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Wed, 18 Aug 2021 18:49:38 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 17:49:38 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3882117385595560503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_cid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%2526client%253Dca-pub-2450194731637417%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.ntdvn.com%2F&ancestorOrigins=https%3A%2F%2Fwww.ntdvn.com&random=1413839515566&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 18 Aug 2021 18:49:38 +0200
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0311 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0311 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 17:49:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0311 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:49:00 GMT
l
www.google.com/ads/measurement/ Frame 0311 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGXNlJJnYNOklBEwSFWH-ukea1xiy9sDL7aCWn0joxQPHONamwmo7VBecgmJnEgTNpxp47x4StCqZj4PbYrWveUlz0IA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 2E92 		223 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Wed, 11 Aug 2021 19:09:32 GMT
expires
Thu, 11 Aug 2022 19:09:32 GMT
last-modified
Mon, 03 May 2021 14:21:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
38330
age
600005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 0311 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COhkeMUgdYY69DsXt-gai8aKIDPPE9Pxj_8r3gfYN3NkeEAEg_dPxfGCVAqABlc_o8QPIAQmpAqia_ovzqbM-qAMByAMCqgTIAU_Q3HhaVFhxNz3c5tLW7vsqwrWIJ7Wj_hnu3tPykn1_irj-SdBthboIVlONv5xFF-mHg7DGpSgft4eYXUJEScwHGLby7RzNE2xQtHf-EEgXdyqTfiY-Bx5hMOWVTaXgs4HFgls-4PEcneFHRjCLfoJtxcKTULQxTYMrRQcTDvPQ4ZU3UO0Dj5slM17tdWh41WX_7wlZXi67ADr4V0bsOTeu78Ssr5jbzaVoHiH8G5RyJyhmgsHV3u9FAwJJVkWy-Y1qIwwhrhgPwATarIXYywOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH07CXDqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDcgAXSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjQ1MDE5NDczMTYzNzQxNxgA&sigh=NYwPovPtf_U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 18 Aug 2021 17:49:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2387 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlJwGlyXMFsseeS1HtLRamEB-C7LR08pr0xJs1Lr1KdIhJNsX6ZZFzABlK8LOc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 17:16:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0311 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6ZxfaQu_ICFcW23godorgIwQ&gqi=MUgdYY3jDfSslQei4qyoDA&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2E92 		2 KB
594 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
379587f0cc0fe0137ff92ac3ee3671dd1f90119e17e269e26a807a9a668642a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:11:23 GMT
server
ESF
date
Wed, 18 Aug 2021 17:49:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 17:49:37 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2E92 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 18:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 18 Aug 2021 18:13:47 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2E92 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 19 Aug 2021 12:37:33 GMT
truncated
/ Frame 0311 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c86f91ddf9d37a4ab61979b84a3e482f36650c3cef93955b65f0d0aa189b798c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 2E92 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:51 GMT
x-content-type-options
nosniff
age
148607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:51 GMT
N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame 2E92 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 04:58:03 GMT
x-content-type-options
nosniff
age
132695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17268
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:47:49 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 04:58:03 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 2E92 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:52 GMT
x-content-type-options
nosniff
age
148606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2387
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlJwGlyXMFsseeS1HtLRamEB-C7LR08pr0xJs1Lr1KdIhJNsX6ZZFzABlK8LOc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Aug 2021 17:49:38 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 18-Aug-2021 18:49:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 17:49:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Aug 2021 17:49:38 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 2E92 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
140989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1738
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Tue, 17 Aug 2021 02:39:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:39:49 GMT
autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 2E92 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
69177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5867
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Tue, 17 Aug 2021 22:36:41 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 22:36:41 GMT
autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 2E92 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
108451
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49113
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Tue, 17 Aug 2021 11:42:07 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 11:42:07 GMT
hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 2E92 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=2378274494&adk=2079447546&adf=3857485786&pi=t.ma~as.2378274494&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308977004&bpp=13&bdt=684&idt=13&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1OqnSWorlA&p=https%3A//www.ntdvn.com&dtd=213
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
106353
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30604
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Tue, 17 Aug 2021 12:17:05 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:17:05 GMT
request_content.php
hal90004.redintelligence.net/ Frame D71C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=86fbe980d7&subid=&uid=38590b8443ee5fa0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3882117385595560503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_cid%3Ddd67611d-4831-4301-8a99-b726e8e6aa4b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_pfpMEgdYZftOMm5gAfvho_YCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjQ1MDE5NDczMTYzNzQxN8gBCagDAaoEvAFP0HFfwVDgEmoioTuCusMOHwU5XIuZDwvcpP1u0y2D0lD0n3OYgqBhR0cv9VU-TrZ_KVEB8fCTx_oraArJbhradtldNkBB24hI623GDpTwKYcst52MWMlEIuMPn9V-Q3PyXGQ7x-o5Ay40trnAnA2rLtSjsuoZ4DYM2lgb2iAaS2ZdWynGfTUBBC4b3Rc6lxOS7m4XcmFjoP-d0BsYE8zDIUa7fy0FgfscfuZItEfQOjRZP_SHD6xBQqiY2IAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0jTLpz776qCxlYfLivBJ7Ou8WcqQ%2526client%253Dca-pub-2450194731637417%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.ntdvn.com%2F&ancestorOrigins=https%3A%2F%2Fwww.ntdvn.com&random=1413839515566&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
53f05baa07bd23ca5b8dc83bd2bc53279a065c8e87d4494762da0f4d84689bd2

Request headers

Host
hal90004.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=8d391c003638a09c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Wed, 18 Aug 2021 17:49:38 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 18 Aug 2021 18:49:38 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1498
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 385B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 18 Aug 2021 11:56:19 GMT
expires
Thu, 19 Aug 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
21199
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4BD0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d587b6f30cd43b25852b6b71d76313e52fbf1555b320b97666c8f99d2ac0d386

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?oz_pl=1&ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&ap=&ti=3882117385595560503&pv=e078d641-5679-4654-9245-b48316e6304d&pp=pub-2450194731637417&sr=4&de=43003&si=1007617995&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.22.0/ Frame 4BD0 		144 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&ap=&ti=3882117385595560503&pv=e078d641-5679-4654-9245-b48316e6304d&pp=pub-2450194731637417&sr=4&de=43003&si=1007617995&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
02d4e512fcea3f328df5ca0b8afb1bfb4db2dad5287a2cdf2898d3e212955710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:37 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
45017
Expires
Sat, 26 Apr 2053 05:15:40 GMT
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI5WsSWt1QRKnPcqnj4wMJI&google_cver=1&google_push=AYg5qPKQmNN0fOrOz-aW2iWE0OYpeeakpI6o8uMP1gU-vYgOF_wIp938w1...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQmNN0fOrOz-aW2iWE0OYpeeakpI6o8uMP1gU-vYgOF_wIp938w1Muv90qGMhfWVp-oSIfFuHKy8tkTiODbLgZShkezII6&google_hm=Rv6Pyh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQmNN0fOrOz-aW2iWE0OYpeeakpI6o8uMP1gU-vYgOF_wIp938w1Muv90qGMhfWVp-oSIfFuHKy8tkTiODbLgZShkezII6&google_hm=Rv6PyhcCAsMn_9JTgrOZ2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQmNN0fOrOz-aW2iWE0OYpeeakpI6o8uMP1gU-vYgOF_wIp938w1Muv90qGMhfWVp-oSIfFuHKy8tkTiODbLgZShkezII6&google_hm=Rv6PyhcCAsMn_9JTgrOZ2g
pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJODq2OCmQkoj_sYoZoYucn9qqqFLGExxvTYO2G8cw4I8oGIVU_0ZvaPhcyhx9wnaWCA9lzrjoOU5A52OOuqvxD8V1H1dVZ&google_gid=CAESEDOLISQvot4B2zQWhj2hC0c&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLKQ9YgGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKT0RxMk9DbVFrb2pfc1lvWm9ZdWNuOXFxcUZMR0V4eHZUWU8yRzhjdzRJOG9HSVZVXzBadmFQaGN5aHg5d25hV0NBOWx6cmpvT1U1QTUyT0...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweGtvOURPcTVvUHhlVkFPUG00alFZQjJrZl9HVmRyNmQtVlZDVm5yYmliSQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweGtvOURPcTVvUHhlVkFPUG00alFZQjJrZl9HVmRyNmQtVlZDVm5yYmliSQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 18 Aug 2021 17:49:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweGtvOURPcTVvUHhlVkFPUG00alFZQjJrZl9HVmRyNmQtVlZDVm5yYmliSQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEAEwyafJlzDC2S24NGsJQOY&google_cver=1&google_push=AYg5qPKpqaIUe26OYhu3F-jvgUIeja6SP2OxBGWotLVwYhIVq_-M2sfXuSgTXGM2werzP8XUWcmLs_tCcwyMtT8tPfztxTjgO0n8
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpqaIUe26OYhu3F-jvgUIeja6SP2OxBGWotLVwYhIVq_-M2sfXuSgTXGM2werzP8XUWcmLs_tCcwyMtT8tPfztxTjgO0n8&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpqaIUe26OYhu3F-jvgUIeja6SP2OxBGWotLVwYhIVq_-M2sfXuSgTXGM2werzP8XUWcmLs_tCcwyMtT8tPfztxTjgO0n8&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpqaIUe26OYhu3F-jvgUIeja6SP2OxBGWotLVwYhIVq_-M2sfXuSgTXGM2werzP8XUWcmLs_tCcwyMtT8tPfztxTjgO0n8&google_hm=rJi2nOj5ypcGNtyQdJf5zA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
4061rkdntqofubc4eg5or6ej1l1ckjnv
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Cub7QvVXQ1OXo0FUTKD2nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Cub7QvVXQ1OXo0FUTKD2nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ88A_d3vUzfNgGfDfQNhps1ogm75qGBu8LXw62y_U_-wig0mSQ0TiBTe7FfeIzIwG-mvWmRmP1j-QQpom0zJ_BNiJRZhjI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Cub7QvVXQ1OXo0FUTKD2nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ88A_d3vUzfNgGfDfQNhps1ogm75qGBu8LXw62y_U_-wig0mSQ0TiBTe7FfeIzIwG-mvWmRmP1j-QQpom0zJ_BNiJRZhjI
date
Wed, 18 Aug 2021 17:49:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOxOgYWRhcaCc4pXKqRELEE&google_cver=1&google_push=AYg5qPIyTfncfFTb2akC3--2WRnl4pX2_-T2tAWGXF9EpBSM75aFAtCSODz6gJw0lp8Tb05nILh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NIU0hYVDEtMjAtTExTQw==&google_push=AYg5qPIyTfncfFTb2akC3--2WRnl4pX2_-T2tAWGXF9EpBSM75aFAtCSODz6gJw0lp8Tb05nILhzscpqJFfUj4rNuVUXHekXOFU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NIU0hYVDEtMjAtTExTQw==&google_push=AYg5qPIyTfncfFTb2akC3--2WRnl4pX2_-T2tAWGXF9EpBSM75aFAtCSODz6gJw0lp8Tb05nILhzscpqJFfUj4rNuVUXHekXOFU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NIU0hYVDEtMjAtTExTQw==&google_push=AYg5qPIyTfncfFTb2akC3--2WRnl4pX2_-T2tAWGXF9EpBSM75aFAtCSODz6gJw0lp8Tb05nILhzscpqJFfUj4rNuVUXHekXOFU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWG...
0
0
pixel
cm.g.doubleclick.net/ Frame 385B
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJYLa2k8Qmxb8MEqjszETQ4&google_cver=1&google_push=AYg5qPLdN-3A8FX3EIWS17f-...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdN-3A8FX3EIWS17f-YiZ8TWWGbG3-EHgIvrYaAn2OWRCFsWWRj6N7eU1geyHPWCMptTolfArhz8BBXNjlN2iw2SbDcleh9A&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdN-3A8FX3EIWS17f-YiZ8TWWGbG3-EHgIvrYaAn2OWRCFsWWRj6N7eU1geyHPWCMptTolfArhz8BBXNjlN2iw2SbDcleh9A&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdN-3A8FX3EIWS17f-YiZ8TWWGbG3-EHgIvrYaAn2OWRCFsWWRj6N7eU1geyHPWCMptTolfArhz8BBXNjlN2iw2SbDcleh9A&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 17 Aug 2021 17:49:38 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 385B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lml5CK093qOqI02aqd7maomVNukbWZVIVgAGNJMbM3Cibvqve9eZvbIkthhxlSJMr9re7O8Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2450194731637417&output=html&h=90&slotname=1115549311&adk=2052768845&adf=854766408&pi=t.ma~as.1115549311&w=728&lmt=1629307174&psa=0&format=728x90&url=https%3A%2F%2Fwww.ntdvn.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629308976878&bpp=26&bdt=559&idt=26&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24dafd9aa490dd19-221c48eea4c800b2%3AT%3D1629308976%3ART%3D1629308976%3AS%3DALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA&prev_fmts=0x0&nras=1&correlator=529550808947&frm=20&pv=1&ga_vid=737564294.1629308977&ga_sid=1629308977&ga_hid=1251411925&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C44748388%2C31062297%2C31062093&oid=3&pvsid=4391913966110409&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7jQPvRl46h&p=https%3A//www.ntdvn.com&dtd=32
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame D71C 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:38 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:29 GMT
Server
nginx
ETag
"5b55f201-5f90"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24464
viewability
hal90004.redintelligence.net/ Frame D71C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=48948700138744800951389011690004&a=26cd87bf&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:38 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame D71C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame D71C 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:38 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?oz_pl=1&ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&ap=&ti=3882117385595560503&pv=e078d641-5679-4654-9245-b48316e6304d&pp=pub-2450194731637417&sr=4&de=43003&si=1007617995&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308978533&oz_l=1196&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3bcc91717e19bca3c731a25f245b1c944546ef6bd3add866ce5bb562cab16e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 17:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8448
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2450194731637417&plah=www.ntdvn.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 18 Aug 2021 17:49:38 GMT
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308978730&oz_l=12227&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame 2C8B 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 21E6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 18 Aug 2021 17:27:31 GMT
expires
Thu, 18 Aug 2022 17:27:31 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1327
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 470A 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ce997e9c3230b5354ed1e9b282351f8c62b131ed221b88efd53c7893518bc74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ndnzj227LWg96GInrjJhAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ntdvn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ntdvn.com/

Response headers

expires
Wed, 18 Aug 2021 17:49:38 GMT
date
Wed, 18 Aug 2021 17:49:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Ndnzj227LWg96GInrjJhAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 21E6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
118902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308978888&oz_l=87&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=4391913966110409&bg=!zM-lz4vNAAZvV8FTb1c7ACkAdvg8WtRmvx3nYXKn6aL5rrqFAyNkXVgdPCB9uSA026l0hbuQB6II7QIAAACEUgAAAAxoAQcKAGULBn-rRLEgDqw_oW9XxzCUqpb73ETbXpIzCcG18IUuOTnvTRp2xwLx3NZ4gCq31q6rzEVqqsBPMgsgtTRPnqkN4F4YcCe2YkYnH6LBhY6-szmNacfhTKBu_kcuJIUg7ZZRPRKHFZkCdAAksYWpGEorT5wBO6-bvYVAt4uVSByDpcC2OxM_3_QPRVsiRgX_W2N5RXaMWWwpvoxD-7wTChLVbq0XT5tRGT49X7az5QPUQREzKNXoCRiU06q3bjTBo0-IVp1wDThhWRLv9hmS3mKCFNePgs5TjfQSGd_19u68IkM9Mlp8S4zSya0hQjTGEpDoo_XKVw7BpiKfxlc3Wtd7z2s05_sdx_ONJnciJpOjyJu6BBJDioItq5KXBoxO61ergGO4A8Kd6oemTP0QHE9SDk5Ix1HUWKdM0FI_goqri2o9XCVFMSDChVwWh5p_3_3ELQWYInAB5AjFmC0YClm3z9KMj-n4GvNbynhBP8UJCbuXYnRfay6OSnZ7sT9Mxl8olDTklt898I_f519e8l2EeqV1BZHdO4AL9Ec7iMBUbe4ZWxXvmtqAySPAGU1MEc8wS4D5PPHxENIgM-62QtfStMQQdutRtM_lKlNohm0Ep1X4UWygMmcxrUdSF_ONH5iVoiseG9h-1xqPynnU_ntzBI_6X7GL9TKGu-2jmfa-k31Uu3yPq7CqNiu20K1VReB5NNTnneKX-jiUVaa2MzhVED6eLE7RnngKUF55Mm2FwjQsifVZ17RO3kfYFvuBia-ePq-kPz1-BZHHYD9sKYIk7t3TbAPi51UyjT6M1XdV-q9jIqjJ6yhNvLYD7IveEahrG-CWpiYdSOWoRDPXBjrDyaWBNWcK5ZEbz4ixonh485-LXOvIQp9HSzY4ZxFRbFTqJFh5DIbSCUZ45k2y_9COkkOybEZOjfnvIWYoDddhTpzT6bd_L7khnfm3JBtp93-k6Cz85uSgQY7MzTM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntdvn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308979086&oz_l=1155&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308979259&oz_l=2509&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BD0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD0kPGM8d7uNAdRnyilT-ZAaH_A76toF7lmHcrh8Bq1fkNjSq9MjJnYs7B8yJjlAg658O-KPWp5kHWh2-HorT8o6SBmvvP9g&sig=Cg0ArKJSzPJl6GESbu56EAE&cid=CAASF-RoE8kDRcX7u67wiOS_GVaEFLtNV5xj&id=lidar2&mcvt=1000&p=178,436,268,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2052768845&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629308976911&dlt=657&rpt=1446&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 17:49:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308979411&oz_l=1219&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
log_event
www.youtube.com/youtubei/v1/ Frame 53F1 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/oN1euF-DvBQ
X-YouTube-Client-Version
1.20210811.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt3dzZ5YVVTWTgzOCiwkPWIBg%3D%3D
X-YouTube-Ad-Signals
dt=1629308977272&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C804%2C400&vis=1&wgl=true&ca_type=image&bid=ANyPxKpy0lRWipiyB69efzqpa1me3d-8LOGg54UNbzpJefS1iy12D798ZX0JbpufLy4EvyAcYhMJAeUOMDoIRvmtZsySe26ZuQ

Response headers

date
Wed, 18 Aug 2021 17:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 18 Aug 2021 17:49:39 GMT
viewability
hal90004.redintelligence.net/ Frame D71C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=48948700138744800951389011690004&a=26cd87bf&vb=v
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90004.redintelligence.net/request_content.php?s=48948700138744800951389011690004&a=53aff7f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 17:49:39 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308983789&oz_l=128&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/ Frame 4BD0 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.22.0/619621/ALlDB4oJEPLXw0uG/postback?ac=651871&ai=216536&dt=6196211556140246740000&si=1007617995&dm=728x90&pv=e078d641-5679-4654-9245-b48316e6304d&de=43003&r1=2a01%3A4f8%3A192%3A%3A&r2=&pd=avt&ap=&ti=3882117385595560503&r3=&sr=4&cr=6622332&c1=4562306&ci=619621&di=https%3A%2F%2Fwww.ntdvn.com&ui=5d403d11-388c-fcbb-0000-000000000000&pp=pub-2450194731637417&sid=ALlDB4oJEPLXw0uG&oz_sc=7e12c8ecaeaba0ddb17f3d96&oz_df=1629308985473&oz_l=324&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Aug 2021 17:49:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_gid=CAESEItheCkMj-U2NnWvliJ-LWQ&google_cver=1&google_push=AYg5qPJnCVJNbKcebLERg3ek8w6PqJqik9oZf2HDa-SQEwJvySfWqGbFxsYtLnxiqeIxY6Ng-H5f2x-6Lz8grlERrYJylnwyD7po
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR1IMYnQqpAynOvC9Vq_xQAABJIAAAAB&google_cver=1&google_push=AYg5qPKbRloGU63CgaizFLaXPNpQfQxTeTy2qhsCwtr81RJHpYP3ajiI19omzJw8Jo6_050MbIWGt3xEZGImdG14-7lAs976-t8&google_gid=CAESEGeBsOnuHfb_7813MYsYUfg

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_lpabyc undefined| ntd_primary_category undefined| ntd_user_id undefined| ntd_cat_ids undefined| ntd_term_ids undefined| ntd_all_term_ids string| ntd_cat_names undefined| ntd_ads_term_ids undefined| ntd_post_id undefined| ntd_author_nicename undefined| ntd_author_name undefined| ntd_primary_category_name undefined| ntd_tags undefined| ntd_tags_slugs undefined| ntd_publish_date undefined| ntd_last_updated_date undefined| ntd_word_count string| ntd_language_active string| ntd_page_type function| $ function| jQuery object| pending_sections number| section_threshold number| timerStart boolean| more_loading function| ns_is_bot function| load_mailmunch function| check_sections_on_scroll function| add_lazy_load_section boolean| didScroll function| eet_back_to_top function| ednBidders function| epochGUID boolean| windows_focused function| eet_entirepage_cover function| eet_remove_entirepage_cover object| jQuery111305970295000177797 function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded function| loadVideo string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaData object| googletag object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 8d391c003638a09c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ww6yaUSY838
.doubleclick.net/ Name: DSID
Value: NO_DATA
.youtube.com/ Name: YSC
Value: cIPjd_jqveE
.doubleclick.net/ Name: IDE
Value: AHWqTUlJwGlyXMFsseeS1HtLRamEB-C7LR08pr0xJs1Lr1KdIhJNsX6ZZFzABlK8LOc
.ntdvn.com/ Name: _gat
Value: 1
.ntdvn.com/ Name: _gid
Value: GA1.2.548797216.1629308977
.ntdvn.com/ Name: _ga
Value: GA1.2.737564294.1629308977
.ntdvn.com/ Name: __gads
Value: ID=24dafd9aa490dd19-221c48eea4c800b2:T=1629308976:RT=1629308976:S=ALNI_MbCEsNfIDznq246bAY8Pid7YGwdgA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal90004.redintelligence.net
id.rlcdn.com
image6.pubmatic.com
img.ntdvn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
s.update.mediamathtag.com
static-de.ad4mat.net
static.doubleclick.net
static.ntdvn.com
stats.g.doubleclick.net
tags.mathtag.com
tnews.to
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.ntdvn.com
www.youtube.com
cm.g.doubleclick.net
104.111.239.217
138.201.63.116
138.201.84.244
142.250.181.226
142.250.185.230
142.250.185.66
148.251.139.77
185.29.132.246
185.64.189.115
2.18.233.201
2600:1901:0:76b9::
2606:4700:3031::6815:1b05
2606:4700:3032::ac43:aa7a
2606:4700:3033::ac43:8bce
2606:4700:3034::ac43:c7b9
2606:4700:3039::6815:c052
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9d
34.243.93.43
34.98.67.61
35.186.253.211
35.244.174.68
69.173.144.165
79.137.68.187
88.99.65.215
99.80.199.35
02b2a2588c1b746015dc476bb9f03e95f484cf5d04c08da91aacc5d93ed3445d
02d4e512fcea3f328df5ca0b8afb1bfb4db2dad5287a2cdf2898d3e212955710
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
04b7f240ef7f9207e214045ea495614c67da8395a03067c1d35655b3d52de965
0648f74bbabb9eb458c13abc289fc92ac8403b0608ffef65ee10c962bb1a9aa0
089762a726dbe29f6e31c628006147d47e62795b9bf2286e6f809b19b9d2fe00
091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a
09c92cef10bdc1690b2323e472ba8987568a95e8a5e7443c80de18ea03948167
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d615eb5efe257347c31a3ce6d849b0327041794db2bb673e19c3114e60dc45f
0d8a97d71bef6a726403c106e01edb04ab21a2736a571dc99e21ed42659d1c8a
0f00ae9265e9a74813be89c212e21eb3c2a661e6520f6717ae1ecf5429596e3e
118877f98267b7f0b77a73f3ae24d9a21da2ae725adc3617bbc1c5de2069ad74
12449dc369d5084b5b444ee02cf9b8db456acb6533597241f08479cda054c44a
1301c8f30023f371f477ce1fa04baa572e040af5cdf123b9b7a59ae7536e2a26
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
1396d061ff29a31491b62aaf41b036f2f8d357c18227ff1e9c138161d54512f2
13d4bfdaaeb04ee183e6abe5d7e4af7b0f7f89b2590776b08b5a6478f90f5dc2
15986027efbcc2bc0d5c0962cfa6180c5484223ba4398a347f8c9bd1180c5376
15cbbed1745f6608abd3b19784d7204f5309de11fc4a0ad57d8f297b61d7ce6b
177db823d550ebd17c6fb84fa40866d99a5ae072a5074671562b9a5ccbe936a5
179a3ca9e79ab3b1870f06abbbd744a25905568b7bc0a5969b564f257ef9bca0
17f288547da69e9bb62ad55c183d04ea58d4e09bd0c1112af6a05ccbe21138fe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
1cb30902d33189d5797695ed5411955640bee296a0e0aa9b1fd8568226e8edf6
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d4bd2b568f7e3e1cf697e49f4ffb3c32d6a397b0e913dc8d15d91a30fd0c3de
1da22ba07444d4be9e1573e45347baca9d8276b75e401ca5d6e2942111e208dc
1ec9c46d8ae4ec8855206f142ab0bc501b765a5fb254accd3fc65e9553014446
228e124c882a829bd3011cf1e3a2c4df69ed58ab5568135903870f3363a0b382
27ee9a3aebbb8539c143c7b20f348c542f70b9776c612d31dc056c36bd464d8f
298ee57933f8bc6cc69272f7c1ca4b0622fb1081001a0e734d9084436eea8fc3
29ecdad75d8d33cec7ac13c8b0b764124e8734219f27477e8ffa65505afd24ad
2baaccba2384df8456290558b99703916b6c71a277f637ed10f974d41f71c4d0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee2f22b84a7ea04898e65db094c2d9974c855eea2bde9007e52a418bf69a884
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30b84c65a0d153a7ae68397ddac7a1693ab840b5195cc072df86e70124845c8a
314eef6eac81bc65ab4191f7600268b8f30e50b1bfbc984086fc6125b3a1a0db
32a0d1430bf56cf653f34d12497867635a23bc5b2034ff6b2a32fb3d6cef2fe5
3785a2f88b05620ec8b5f9edba998d9534e29f5997808136d58b181b6f606b7f
379587f0cc0fe0137ff92ac3ee3671dd1f90119e17e269e26a807a9a668642a9
3a8e58a70a333b991a2a6c565505674c1b4f5abb030d0a58f717d5314e5b9f14
3ce997e9c3230b5354ed1e9b282351f8c62b131ed221b88efd53c7893518bc74
3df3bcc87477129a30c67cd7ce35e10829aa36580982059e68c0bfb771b13f7f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef1b310a2f53613ae44db626e6019858aecd973b7ecb191d01ba5d2b71f8b55
40043e4c57e34f40de98512dac30eca26b1c0bbbff0b4f01c24892cd5936f2ed
4236b6cc84920f8d5cf223c9134b9aed1c77e0c6711c5086a3a35ea65a05394a
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
47f5942b0ec08063b475986bfbb1f3d17c985de9d2c1ea89fcf7804f37d2b62c
4891090ac1abac97790ab9bbca0f6b9c17741e2f7120aafc7ea6abe49ed3f840
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49706eaca3db2b8722fc2d501b2eafc8d59fffff33ea917e9f160183027d1021
4a650e09c50002fcbae447daea53469f4af6736af40e8af75ea4bcdb904c987f
4ea95d1c32d3a592e1a42a640a117feb51856b48d83ac51a8457733ba3209cee
4ee648f805dc6115914008e36842d9f7267a561b2f25148b93424facc3a5d579
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53f05baa07bd23ca5b8dc83bd2bc53279a065c8e87d4494762da0f4d84689bd2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54c03fd122c538755a0ba5693489f43c678f528ae52231c46f39757c375d2509
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55b6e8b439d9c4b41a763b791e79e1556943a0f5bdb4181ed704841c8fc043ff
59f8f2d8fbfcb1d251c9bd87c0430adc01adb58653fdfeebe21f80306078702f
5a2bb200626b2805b3892dd121444578e6750a242b8ebe2d08f0a755b2a5a47d
5db063fc152724d1ff031526a2dfb96164cddde29a562b8f3a0661b3ffe724f7
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fa29c85929d723b2df611a589c69d7097ae1b275b90e10c2335d43cf40c7bc6
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
6432ce6596eeb892678c4bec3178fb62726458c66f9d848017aa0210a83641dc
657dde2ad22867d13a9fc2cd3bed88fe896960c1bcc2a645800d54e5934f7ad6
66dc2800e35dfcdd4e20458476f16689fa825ae01ebacda8377c092d6960d8c7
688d38333f72c74715eacf2ca4470a5fdd17743acedad2004ec25e30246daed9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c96cfa757ad3995a799857326d1dce5d543f8e26f50bfdf49d714b964ff04dc
6f042e284c81166363f919f5d21d97886912bf7c2f6e6cc3cf24b61652118bf2
7086c8fbde393aff09aeef281df4a157761dcd1bab02fca0f7cb640858476e08
709463cfc4344dbc844afbe0c08d73f543703e481503c0e9ce1cee5c9cee5834
713076d30f8a759e35fed822f1d9c36e5567ca8b3d3a932fb7e5c6cb6ad5bcea
727167c795391944b3531c55ded2b13305306079ebf4f463fb16dc51effa8639
737c7847d238900b00d42f6662200b1276f625c369277a5b4e43c4b177775233
741878724ddd1e1f8b39d14ff10e85f508fab71efe4152eb665da7854f060e06
783f32f52abe645f5419caeb601acbe0fa1b180303a6e0ce4114090653a84e50
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7c111ea9d271dc5fde24b92f119e38b125fbff7318628b3b73333bf13339b312
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7cdc13e4625ce72c544c572eceb03909a63e2bf3ed42bc7bd6e535db7ea070ad
801130e576fff3b06e0ca9ddc010bab5903c3ca4398a2c50e0f37a81e42ad4af
8011ab6a5dee450379c6aebe54988321ddee435d63026846cbbce702ee317d6e
810f57211b038d5b7e224c5ce7689684a91844e2e53456fe6a7161a898a5aa46
821f43bfadb01bd1e170bff82048fa32f254717d9a13972a91430084a009f38f
8410e5474988d7826c0fd7f5d1fdaff540a3a4d010131081816b08173dab2e3d
8480d50f193623028d83907e2155ef3913646ac9ee2216dfdbb55f89f4889b49
84bf8bc9293fab7f4618f6270c2f7d082a6a58c23babbbca2a976dca2774e6ee
854a4596aca3c053e6717fb8e4ad6ab4dd88dba7cc8178383455306203bec31f
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8754747636ade2217fed2f96eda7fbba464c91f5eb3eaf8a83376186247212ed
87fe739c2ae823f9102cd70cc980a8f68f9a4cc48561299a4129040f12cd203c
8a90813295a103e36ba72680ba5ef5723cd633457c3213ba1967d4493fc7af45
8b8104321aaa7fed4bafbcee5d6bde427452cbe81764061b384f57e97324fb78
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
9655134b1e55fbac489d5b55aea93fee02bd607d3f057dcf1a0e7a47e73bb7d2
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
97184116fd01e7e2c8545e8509fa9a9c4553ac12fd3afb066422fb184f6a056f
97619d82ee3e0bc0bc5ee483abe804faeb6eea8ea9f6e6dd894e96337375ff11
97e63fb87792cc65dbf0677d7e1c40f8d74bb006ce712cec587ed09e48a3ba1e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af61391a1f855f30858a3cc954c1f3829f8d00a0f068718681ec4e6019ce7a6
9d184e59f58a5364c407b375318c9ee794d4ab5ff8bd4768f28e60f7c7c2b5cb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f6f0d796ca706140d25f4564c32a28623f666560a7f047a3aa0639ccf32ef9d
9febddc29c41bc2f862933b50d382791188679e3f1ee91ca624283cc3824e65c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10ba41e037808267a5baa01e798106fcf61b55467377160511b7126ac14b5ba
a313c78a8bd0809b168e8a4968d71fb46814051510b5b140edabaf5ec25749e9
a433847bde5e554fce0a610ec8e3c4c4b8ab505cd3cb6823975bb976abdf801e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57ea97ad579429d53379a7524d7605380d9f65596bccec1ef2143418e879ed8
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a7cd3032aa557a1215138c9bc5e35f6e2cc3024f6d5d2a4c095d745efc36d103
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
a96330ab20f65b17d2c15f9299b3ae0519a750931decbd6fec658d7d95aab266
a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953
aa2ad03382ac1deeb0563daff928186221ad31b8b18973707002086012050ac1
aa96bf72169c55036ea055601417a034f10ea6512932a5c31a7a98dfd278b1b2
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac9bd65854317ee11d9b28ee6ea2ab6ae635177f188367808899d8d38e38a0b6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b0bbb51565e7cd478b237452e01ba0ee1325cf0c6c3b27e3df149a446ce3d8e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15ebc0f5948f3292fd29ad83470b58b086212573f3b8a0f850170178c60ab8c
b3535176b949637f0f2d5acdbea936d3cce61f243ac110982926da9fa042ea18
b36fadd1ad89a073e345baae2a7a4732f3a37739b7e711b8baf7b81ba93c0a60
b38ba34476a59b03523186b174fef5fee66fa70e841b04d2b3e30f68151ae104
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b983b4c2913575f2bbc339eeeb07fe0d318a6dc77a6dd08844f27b2740b3ef73
b9f810990ae9c4ccaf7d64b6897d11ab5911736c9b8c77a12e5b5d47c88661ed
ba074a4b6f4560c725b2b2bba85ffdcd116d12743dd443686b6ea3a4747fa397
ba22e6bca589196ae649c773967e97e99a580bf8f5166db28d4bb90393b50d8d
bac4ae4a0f2fb1f7c2d113a2a0e5f4a11fe716ec872fabd173090e155533bb37
bb6f911e211ba9bc3e2b0d874a252037e11ad2733fa853af437b0061fe99771c
bc4198cf4a08877bf2535ce9b8cfeab7c965904e326756706b4be8b46354e010
bd36ab2617222870a52de4bf76d72dd191f08d19509aba36a0e40be407986470
c08cd4ce86222eed6272d4caf54b02daad63167f7ab25f05564e7025a225b69b
c1c58703ed5414b6cfacddb4762b447d1f7c821ed8a31c7cf1272d15c4d75e44
c23716521f1d0e826bcffd331feb2e401d2cc71727e423eea02b675d6507d12a
c285512007ce35f8c6bc683cc8e1675e3fae79854e5c5a28bd533750678e5c5e
c28b311a74e98d05b835faecbb68784dc415e2c8120d50e08da6b5d2b81e5243
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c83e3f88a307d4a148d50afdce2d3d7027183e737ffac14416572ba0c221ca51
c86f91ddf9d37a4ab61979b84a3e482f36650c3cef93955b65f0d0aa189b798c
c96d1a7cc3982d5c4bbcf5f9936ebad3c57471711a6986edc9ceb2449074ef45
ca2f57158fbd16a031dbea5c9a7df58c8691f57ff5c6e398cffcf91b2a2a47e2
cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4
cbe86c301b83fdd8d6b89b2d2e99992d20d0cd4612f07e15b50fc7b3d2c6f784
cd5bf490f3a19c613028d3f94b4523a1eb4dabf65ea755ba57ded84c5276e7eb
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d14cb04a1c972e433dfbcf95a767ff96cc242162a867ef6f5ec371f0f335b5f1
d587b6f30cd43b25852b6b71d76313e52fbf1555b320b97666c8f99d2ac0d386
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d65c2a0b803f372f0293d0a7250751580d8f49f3184b96c48a7d43818d3620d3
d673ce37e5a9d0f47da19bedbd33c169d7ebd64a6050f08c3302c8940ad61558
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
d7eb3c01aa21ee3b3405187b680091d440a1130874fc283585ad3709d9a9e35a
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
daefa16bd864b625800710e62bc89acfc1021c805d09eb668e90153da2ac0485
dc6fabbe945cb8c2f8b177dd5be4db4942d036f4c4ecf0e8f1cf6e561249296f
dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd
ddc61750d03a0364ca8c12fd03fe150dc85f21a4a1d34570f80a6b44e5530192
dded4819704325eafba1a1a2c3bd001f904398471ec56b12acab0529f7d5c05b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df5891167d980572dafa9a467f80a71e939cc7c0ba128e0faa7d839bd918df62
df7c1b67def40a82d34fc516079ad723ecff96c61b89163aec3a8b9ef7532cbf
dfde80c9ab95f03320ba0435e800f93f7e29c065f6e2a743b1fbec99499df542
e00413cff2499688479afcde77e7d7d7618ff3829973ee1c9326073a4223d3a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51d6c3e2b21860845aa23c313e630413983972bdfda350f16b4899f695572ee
e55902772df84c01a942989eb2f7b55e417d68d23d85bf29ab8857e2aafd8718
e57fb58599f44e7dfca947ae1d6477e46c693a14ef57e9fc12f00db0ef5df9bb
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e90bafa11e4fee5a8207325b1182d2ac132ba89b0e9c23f04445b782e11e6a83
ec12aba0ce096d1f1f29b67ea7fd0556b1cfb5204efec0438c64687eb9fc651e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eedf3921b6e248fbebcea1cd6528b321788dc87c8d45cd24be5bd6ae0481780f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
ef2acd8e005986f8882db5b12c6cc0f7975a8838c65e3c109f9ea0e9ce04a134
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f3bb8b08d88d8c2aecdcc22d44304bb5011631ed25f7b92ef36e834392cd227b
f3bcc91717e19bca3c731a25f245b1c944546ef6bd3add866ce5bb562cab16e7
f4055e1f9d2f611fb064dec3039bb11a6355683a1c61b9865edb8a7f8d70b715
f71b0d96dc81fde8be7f62a54112d1a893ae4acbadb11136309451a55456de62
f80702372c2da962b71706e7c228a6d7c5c54a364d92b775eea1aa272ecc13d5
f89c155ac1552683b32e9c77a658e8790e44432477c69a60c0a89e19d2b2abe4
fc46af2cad8f20212ab904619ccc77c2ae58d8e5cf2c1971e957c7b2840ece42
fc7fc1275d37139ed32c3fc4cf9e51fe9e528bcda979017ef6d76e6263780285
fc93e38bc18f1e34d552ab84de1c13ef1f081ef7dc5a981e2d140f721f07d5f8
ff3dc3af42534bfdeda0b2f2e1b66b620cbb50f279c600e78f1a547beca60a1a
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75